Uploaded by kamdyn.elric

my

advertisement
Ransomware: The new internet nightmare that can take you hostage, and here's how not to be
How do you feel about being a hostage? The experience of being taken as a hostage would be
traumatizing for anyone, there's no doubt. But something worse is yet to come.
What if someone takes my PC or mobile as a hostage? Living in this modern era, we can’t do almost
anything in our daily life without these devices. From credit card information to business dataeverything will be in all savage if someone takes our devices as a hostage.
The question is, how can someone do that?
Ransomware: The new internet nightmare that can take you hostage.
And here's how not to be
What is it!
Ransomware is the kind of computer virus that claims you some ransom!
It’s a type of malware. It takes control of your device by encrypting all the data stored. Then it demands
hundreds or maybe thousands of dollars for the decryption.
You are serving it a welcome drink! Maybe.
The most common way to give the ransomware a warm welcome is twoI. Following the spam emails.
II. The temptation of “the free lunch offer”. We are talking about downloading pirated software from
the internet. Yes, the cracked premium ones.
Often these kinds of stuff are trojan. This means an innocent gentleman look with an evil heart. I mean,
from outside they are just some average useful app. But deep inside their heart, the carry ransomware.
How does it work?
Ransomware mainly follows a method called Cryptoviral Extortion. This method consists of 3 steps1. The author of the ransomware spread it over online with its encrypting feature.
2. It then infiltrates the user’s PC, locks all files by encrypting them, and shows the user the message
sent by the hacker.
3. If the victim meets the Cyber criminal’s demand, he usually gives the victim the necessary tool or
key to decrypt the files. Many times he does not.
From failed attempts to wildfire
The very first attempted ransomware attack known so far is the "AIDS Trojan" written by Joseph
Popp in 1989, which failed due to a design flaw.
But it is 2005, when ransomware began to appear as a real threat. The modern types of ransomware we
see today were first seen in 2013.
It was called Cryptolocker. It introduced prominent encryption which seems to be computationally
infeasible to decrypt. And bitcoin as currency was used for the first time.
CryptoLocker earned $27 million from the victims in just 2 months!
Till then, Windows OS was the only target in general. But in January 2015, attacks targeting Linuxbased systems were reported for the first time.
And now? Windows, macOS, Linux- everyone has fallen.
Thousands of variants out there- WannaCry, Petya, Havoc, CryLocker, CryptoWall, Jigsaw, SamSam
the list goes on.
Experts are saying that Ransomware Attacks Are Spreading Like a Hacking Wildfire. Do you wonder
why? You can find more below.
Ransomware attack leads to IT network shutdown
Ransomware attack hits HONDA company
Ransomware Attack: Police seems helpless about traffic accidents response
The University of California pays over $1M to ransomware gang
LG Electronics Ransomware Attack, Souce Code Stolen
These are not just numbers
 4,000 ransomware attacks launched per day- says FBI.
 2016: At least 97% email with phishing attempts, contained ransomware
 2017: Wanacry hits almost 200000 systems in 70 countries within few days ii
 63% of the victim said that their system was down for more than a day.
 40% of victims paid the ransom. Around two-thirds of those recovered their files after paying
the ransom. And the rest? Lost files despite paying them. iii
How much in payouts?
 The estimated loss of a ransomware attack on average businesses is $133,000. iv
 Healthcare is the most hit industry. Attacks will quadruple by end of 2020. v
 In only 2016 bad guys took more than $1 Billion! vi
 US businesses lost $700 billion for ransomware in 2016 vii
 From 2013 to 2017 ransomware market was at least $12,768,536.
Source: Paquet-Clouston, M., Haslhofer, B., & Dupont, B. (2019). Ransomware
payments in the bitcoin ecosystem. Journal of Cybersecurity, 5(1), 1–11.
Prevention is better than cure
By now, we should start to think about a way out, right? How to avoid this kind of nightmare?
Well, just shut the door. First and fast. Let me explainUnfortunately, the ransomware prevention and protection technologies are still too young.
So, the first solution here is- awareness.
Just ignore the irresistible temptation of downloading pirated apps.
Don't click suspicious email attachments.
Deploy some kind of anti-ransomware technology in your system
Keep your system up to date and patched. Schedule some routine check for it.
These things will only reduce the attack surface. Still, there's no guarantee you won't get hit. For this,
last but not leastHave secure and tested backups of your data. Regularly and consistently.
Keep a well documented, effective incident response and disaster recovery plan prepared.
Wrapping Up
Ransomware has been savage. If you haven’t been hit yet, it’s not an issue of if, but when…
Nothing would be better than keeping ourselves prepared.
I ii https://www.unitrends.com/solutions/ransomware-education
iii https://royalsocietypublishing.org/doi/10.1098/rsos.190023#RSOS190023C16
iv https://safeatlast.co/blog/ransomware-statistics/
v https://www.csoonline.com/article/3237674/ransomware-damage-costs-predicted-to-hit-115b-by2019.html
vi https://www.zdnet.com/article/the-cost-of-ransomware-attacks-1-billion-this-year/
vii https://www.unitrends.com/solutions/ransomware-education
Download