What is Ransomware?

Ransomware is a criminal business model that uses malicious software to hold valuable files, data or information for ransom. Victims of a ransomware attack may have their operations severely degraded or shut down entirely. In short, ransomware is a kind of malware that can lock you out of all of the files on your computer unless you agree to pay a ransom fee.

While holding something of value for ransom is not a new concept, ransomware has become a multimillion-dollar criminal business, targeting both individuals and corporations. Due to its low barrier to entry and effectiveness in generating revenue, it has quickly displaced other cybercrime business models and become the largest threat facing organizations today.

How does the victim become infected?

Attackers must execute five steps for a ransomware attack to be successful:

  • Compromise and take control of a system or device. Most ransomware attacks begin by using social engineering to trick users into opening an attachment or following a malicious link in their web browser. This allows attackers to install malware onto a system and take control.
  • Prevent access to the system. Once they have system access, attackers will either identify and encrypt certain file types or deny access to the entire system.
  • Notify the victim. Although attackers and victims often speak different languages and have varying levels of technical capability, attackers must alert victims to the compromise, state their ransom demand and explain the steps for regaining access.
  • Accept ransom payment. To receive payment while evading law enforcement, attackers demand cryptocurrencies, such as bitcoin, for the transaction.
  • Return full access. Attackers must return access to the device(s). Failure to restore access to compromised data or systems undermines the scheme as few would be willing to pay a ransom if they didn’t believe their valuables would be returned.

Keeping your organization safe from falling victim to a ransomware attack requires a fundamental shift – away from detection and remediation, toward prevention. This means reducing the attack surface, preventing known threats, and identifying and preventing unknown threats.

“Petya” ransomware: example of how it looks on booting
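A defender's view of the second step above (identifying and encrypting certain file types), as an added example that is not part of the original post: a small heuristic that flags a process rewriting several valuable files with encrypted-looking content in a short burst. The event tuple format, thresholds, file types, paths and process names are all assumptions constructed for illustration.

```python
import math
import os
from collections import Counter, defaultdict

WATCHED = {".docx", ".xlsx", ".csv", ".txt"}  # assumed "valuable" file types
ENTROPY_MIN = 7.5   # assumed threshold in bits/byte; encrypted data is near 8.0
BURST_FILES = 3     # assumed: distinct files rewritten by one process ...
WINDOW_S = 60       # ... within this many seconds

def entropy(data: bytes) -> float:
    """Shannon entropy of data in bits per byte (0.0 for empty input)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def suspicious_processes(events):
    """events: iterable of (timestamp_s, process, path, bytes_written).
    Returns processes with >= BURST_FILES high-entropy watched files per window."""
    hits = defaultdict(list)  # process -> [(timestamp, path)]
    for ts, proc, path, data in events:
        ext = os.path.splitext(path)[1].lower()
        if ext in WATCHED and entropy(data) >= ENTROPY_MIN:
            hits[proc].append((ts, path))
    flagged = set()
    for proc, writes in hits.items():
        writes.sort()
        start = 0
        for end in range(len(writes)):
            while writes[end][0] - writes[start][0] > WINDOW_S:
                start += 1  # slide the window forward
            if len({p for _, p in writes[start:end + 1]}) >= BURST_FILES:
                flagged.add(proc)
                break
    return flagged

# Constructed sample data: HIGH stands in for encrypted bytes, TEXT for a document.
HIGH = bytes(range(256)) * 16
TEXT = b"Quarterly report draft. " * 200
SAMPLE = [
    (0, "winword.exe", "C:/Users/a/report.docx", HIGH),  # one compressed save: normal
    (5, "excel.exe", "C:/Users/a/budget.csv", TEXT),     # low-entropy write: ignored
    (10, "updater.exe", "C:/Users/a/report.docx", HIGH),  # burst starts here
    (12, "updater.exe", "C:/Users/a/budget.csv", HIGH),
    (15, "updater.exe", "C:/Users/a/notes.txt", HIGH),   # third file in 5 s: flagged
    (500, "backup.exe", "C:/Users/a/a.docx", HIGH),      # slow writer: never 3 in 60 s
    (900, "backup.exe", "C:/Users/a/b.docx", HIGH),
    (1300, "backup.exe", "C:/Users/a/c.docx", HIGH),
]
```

Entropy alone is a weak signal because compressed formats such as .docx are already high-entropy on a normal save; it is the burst across many distinct files from one process that separates the constructed `updater.exe` from the single save and the slow backup job.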

How to avoid Ransomware?

Ransomware is just another kind of malware, so the same tips to avoid viruses apply here as well.

  • Use anti-malware software, and in particular consider protecting yourself with anti-ransomware software.
  • Keep your Windows or Mac computer up to date with the latest patches and security updates. The famous WannaCry ransomware hack spread quickest among older Windows computers that hadn’t installed any new updates in years.
  • Never click any links you don’t completely trust. This is age-old advice; don’t open emails and attachments unless you trust the source, and don’t visit or click links on dicey websites. Try to keep to credible and legitimate sources for downloading software, both on your computer and mobile devices.

The End of this Post

Credits: Business Insider & Palo Alto Networks & Google Images

Thank you for reading this. I hope you enjoyed it! Take a look at the other posts.


Vasic

CTF Player | Penetration Tester | Ethical Hacker