What Is Ransomware and Easy Steps to Keep Your Data and System Protected

What is Ransomware
Ransomware is malware for data kidnapping, an exploit in which the attacker encrypts the victim's data and demands payment for the decryption key. 

Ransomware spreads through e-mail attachments, infected programs and compromised websites. A ransomware malware program may also be called a cryptovirus, cryptotrojan or cryptoworm.

Attackers may use one of several different approaches to extort money from their victims:

After a victim discovers he cannot open a file, he receives an email ransom note demanding a relatively small amount of money in exchange for a private key. The attacker warns that if the ransom is not paid by a certain date, the private key will be destroyed and the data will be lost forever.

The victim is duped into believing he is the subject of a police inquiry. After being informed that unlicensed software or illegal web content has been found on his computer, the victim is given instructions for how to pay an electronic fine.




The malware surreptitiously encrypts the victim's data but does nothing else. In this approach, the data kidnapper anticipates that the victim will look on the Internet for how to fix the problem and makes money by selling anti-ransomware software on legitimate websites.

To protect against data kidnapping, experts urge users to back up data on a regular basis. If an attack occurs, do not pay a ransom. Instead, wipe the disk drive clean and restore data from the backup.

Ransomware is a sophisticated piece of malware that blocks the victim’s access to his/her files.

"There are two types of ransomware in circulation:"

"Encrypting ransomware:" which incorporates advanced encryption algorithms. It’s designed to block system files and demand payment to provide the victim with the key that can decrypt the blocked content. Examples include CryptoLocker, Locky, CryptoWall and more.

"Locker ransomware:" which locks the victim out of the operating system, making it impossible to access the desktop and any apps or files. The files are not encrypted in this case, but the attackers still ask for a ransom to unlock the infected computer. Examples include the police-themed ransomware or Winlocker.

"Ransomware has some key characteristics that set it apart from other malware:"

It features unbreakable encryption, which means that you can’t decrypt the files on your own (there are various decryption tools released by cyber security researchers – more on that later);
It has the ability to encrypt all kinds of files, from documents to pictures, videos, audio files and other things you may have on your PC;

It can scramble your file names, so you can’t know which data was affected. This is one of the social engineering tricks used to confuse and coerce victims into paying the ransom;

It will add a different extension to your files, which sometimes signals a specific ransomware strain;

It will display an image or a message that lets you know your data has been encrypted and that you have to pay a specific sum of money to get it back;

It requests payment in Bitcoins, because this crypto-currency cannot be tracked by cyber security researchers or law enforcement agencies;

Usually, the ransom payment has a time limit, to add another level of psychological constraint to this extortion scheme. Going over the deadline typically means that the ransom will increase, but it can also mean that the data will be destroyed and lost forever;

It uses a complex set of evasion techniques to go undetected by traditional antivirus (more on this in the “Why ransomware often goes undetected by antivirus” section);

It often recruits the infected PCs into botnets, so cyber criminals can expand their infrastructure and fuel future attacks;
It can spread to other PCs connected in a local network, creating further damage;

It frequently features data exfiltration capabilities, which means that ransomware can extract data from the affected computer (usernames, passwords, email addresses, etc.) and send it to a server controlled by cyber criminals;

It sometimes includes geographical targeting, meaning the ransom note is translated into the victim’s language, to increase the chances for the ransom to be paid.

"Where does the current wave of ransomware infection come from?"

Even though most companies have extensive security mechanisms in place, such as virus scanners, firewalls, IPS systems, anti-spam/anti-virus email gateways and web filters, we are currently witnessing large numbers of ransomware infections worldwide, such as Cryptowall, TeslaCrypt and Locky. As part of these infections, files on computers and network drives are encrypted in order to blackmail the users of these computers into paying a sum of money, usually in the region of USD 200-500, for the decryption tool.

"A common infection scenario may look like this:"

A user receives an email that comes from a seemingly plausible sender with an attached document, a parcel service with attached delivery information or an external company with an attached invoice.

The email attachment contains an MS Word or Excel document with an embedded macro. If the recipient opens the document, a macro will attempt to start automatically, executing the following actions:

It tries to download the actual ransomware payload from a series of web addresses that only exist momentarily. If a web address cannot be reached, the next one is accessed until the payload has been downloaded successfully.

"The macro executes the ransomware"
The ransomware contacts the command & control server of the attacker, sends information about the infected computer and downloads an individual public key for this computer.

Files of certain types (Office documents, database files, PDFs, CAD documents, HTML, XML etc.) are then encrypted on the local computer and on all accessible network drives with this public key.

Automatic backups of the Windows operating system (shadow copies) are often deleted to prevent this type of data recovery.

"Best practices to apply immediately"

Backup regularly and keep a recent backup copy off-site. There are dozens of ways other than ransomware that files can suddenly vanish, such as fire, flood, theft, a dropped laptop or even an accidental delete. Encrypt your backup and you won’t have to worry about the backup device falling into the wrong hands.

Don’t enable macros in document attachments received via email. Microsoft deliberately turned off auto-execution of macros by default many years ago as a security measure. A lot of malware infections rely on persuading you to turn macros back on, so don’t do it!

Be cautious about unsolicited attachments.
The crooks are relying on the dilemma that you shouldn’t open a document until you are sure it’s one you want, but you can’t tell if it’s one you want until you open it. If in doubt, leave it out.

Don’t give yourself more login power than you need. Most importantly, don’t stay logged in as an administrator any longer than is strictly necessary, and avoid browsing, opening documents or other “regular work” activities while you have administrator rights.

Consider installing the Microsoft Office viewers.
These viewer applications let you see what documents look like without opening them in Word or Excel itself. In particular, the viewer software doesn’t support macros at all, so you can’t enable macros by mistake!

Patch early, patch often.
Malware that doesn’t come in via document macros often relies on security bugs in popular applications, including Office, your browser, Flash and more.
The sooner you patch, the fewer open holes remain for the crooks to exploit. Keep informed about new security features added to your business applications. For example, Office 2016 now includes a control called "Block macros from running in Office files from the internet" which helps protect you from external malicious content without stopping you using macros internally.

Open .JS files with Notepad by default.
This helps protect against JavaScript borne malware by enabling you to identify the file type and spot suspicious files.

Show files with their extensions. 
Malware authors increasingly try to disguise the actual file extension to trick you into opening them. Avoid this by displaying files with their extensions at all times.
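
The attachment advice above (macro-carrying Office documents, .JS files and disguised extensions) can also be enforced automatically where mail is filtered. The following Python sketch is an added example, not part of the original article; the function names, the extension lists and the sample files are assumptions constructed for illustration.

```python
import io
import os
import zipfile

SCRIPT_EXTS = {".js", ".jse", ".vbs", ".wsf"}   # assumed list, tune locally
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".txt", ".jpg"}
OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")   # legacy .doc/.xls container


def inspect_attachment(filename, data):
    """Return (verdict, reasons); verdict is "block", "review" or "allow"."""
    # Windows ignores trailing dots and spaces, so normalise before parsing.
    stem, ext = os.path.splitext(filename.strip().rstrip(". ").lower())
    if ext in SCRIPT_EXTS:
        reasons = [f"script type {ext}"]
        # "info.pdf.js" is displayed as "info.pdf" when extensions are hidden.
        if os.path.splitext(stem)[1] in DECOY_EXTS:
            reasons.append("double extension")
        return "block", reasons
    # Office Open XML files are ZIP archives; a VBA project is stored as
    # vbaProject.bin whatever extension the attachment carries.
    if zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            if any(n.lower().endswith("vbaproject.bin") for n in zf.namelist()):
                return "block", ["Office document contains a VBA macro project"]
        return "allow", []
    # Legacy binary Office files can hold macros; the OLE streams are not
    # parsed here, so such files are only routed to manual review.
    if data.startswith(OLE_MAGIC):
        return "review", ["legacy OLE Office container, macros not ruled out"]
    return "allow", []


def make_ooxml(with_macro):
    """Build a minimal constructed OOXML-like archive in memory for the demo."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("word/document.xml", "<document/>")
        if with_macro:
            zf.writestr("word/vbaProject.bin", b"constructed placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    # Constructed samples, not taken from a real campaign.
    samples = [("delivery_info.pdf.js", b"// constructed"), ("invoice.docm", make_ooxml(True)),
               ("minutes.docx", make_ooxml(False)), ("report.doc", OLE_MAGIC + b"\x00" * 16)]
    for fname, blob in samples:
        print(fname, *inspect_attachment(fname, blob))
```

Only the file name and container structure are checked here; the "allow" verdict means this check found nothing, not that the file is safe.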
