Ransomware

Introduction

Ransomware

Ransomware is a type of malware which seeks to disrupt a workstation or entire network and most importantly potential loss of important files.

This type of malware can also lock down the computer and extorts the user for payment in order to continue using the computer.

Effects

While some older variants of this malware will act as an overlay or display fake popups many strains are far worse and will encrypt your data then hold it for ransom. These threats will threaten to destroy the data if the user doesn’t pay.

Often times attackers will use payment gateways such as Bitcoin, western union or other payment processors in an attempt to conceal their identity.

In the event of an attack it is not recommended to pay these criminals as this provides an incentive to continue these malware campaigns.

When it comes to this type of malware the most serious effect is losing important files and experiencing downtime due to damaged data.

Examples

There are many types of nasty ransomware which has been on the rise in recent years, here are a couple of notable variants.

  • Cryptolocker: Spread in 2014 and caused widespread damage by encrypting local hard drives as well as network shares and other storage devices connected to a infected computer. Estimated by researchers to have made in excess of $30 million for the criminals who created the malware.
  • Petya: Notable strain which was first discovered in 2016 targeting Windows. It encrypts data on drives and also infects the master boot record preventing Windows from starting and also has the capability to spread to other networked folders and drives.
  • Locky: Primarily spread via emails purporting to be invoices and other documents. Locky also then proceeds to encrypt all data and changes file extensions to .locky to prevent users opening their files.

Protecting against this threat

petya

The best defense against ransom malware is to keep your system up-to-date and maintain comprehensive backups of all your important data. Other steps you can take includes keeping offline backups, setting permissions to lock down certain computers and run regular anti-virus and anti-malware scans.

Recommended tools

Malwarebytes (Runs alongside existing anti-virus tools, premium version has built-in ransomware protection features)

Ransomfree (free tool to monitor for potential encryption attempts)

Conclusion

Overall the threats of this malware remain high making backups ever more important, hope this information has helped you. Be sure to share your comments down below and share the page with your friends.

*Image credits

FBI Ransom image Motormille2 [CC BY-SA 4.0 (https://creativecommons.org/licenses/by-sa/4.0)], from Wikimedia Commons

Cryptolocker image sourced from Flickr under Creative commons

Summary
What is ransomware
Article Name
What is ransomware
Description
This page explains what ransomware is and how to protect against it.
Author
Publisher Name
AGR Technology