Unlike other malware, the motive of ransomware isn’t hacking your data. The attackers notify the victims of the malware attack and provide instructions on making the ransom payment and then unlock the computer’s data.
The malware mostly enters the system through email attachments, unsafe websites or hidden in infected software and applications.
Recent variants of ransomware include Bad rabbit, Cerber, Crysis, Cryptolocker, CryptoWall, Jigsaw and Goldeneye.
One of the recent attacks in this category was of the WannaCry malware which only affected Windows machines through a known exploit.
Some of the major impacts of ransomware attacks are :
- Temporary/permanent loss of copyrighted data
- Loss in infrastructure operations
- Loss of organization financially
- Loss of reputation for major IT firms
In a ransomware attack variant “LockScreen”, the malware changes the login credentials in the data kidnapping attack and also affects other computers in the network.
How does it work?
Ransomware works on RaaS created by malware developers, where it enters the victim’s computer as a service which requires almost no technical expertise to create the malware and target the attack.
It security firms like Symantec, Norton, Kaspersky is continuously working on identifying and blocking this malware and reducing the impact of the attacks.
Who are the victims?
The risk factor is almost same for everyone, however, but some companies are specifically targeted by the malware attackers.
Government institutions and agencies have been the major targets of the ransomware hackers due to the confidentiality of the data and the risk it poses to the national security.
Second major targets have been the financial sector which has incurred a loss of millions of dollars due to such attacks in many instances.
Lack of proper tools and insufficient IT security setups have made these organizations an easy target and more prone to such attacks.
How to avoid a ransomware attack?
As stated above, the malware enters your system through email attachments, software applications or through network connections.
Users need to protect their personal computers and IT administrators need to have proper IT security infrastructure in place to avoid such attacks
Some of the measure as discussed below :
- Device Safety
Any device like Computers or any other handheld devices can be made secure with some common antivirus and security software products from Mcafee, Norton and Symantec.
- System update
Operating systems keep updating the malware repositories which enables them to block the tasks before it affects the system. Hence it is always recommended for us to always keep our system updated to the latest version of the software and install all important patches.
- Data backup
As we always say, prevention is better than cure. But in cases where our systems still get affected by the malware even after all protections, the backed up data can be our saviour/
It is recommended to backup our data on a cloud storage as most of the ransomware attacks have the potential to even damage the backup data stored on local storage attached through LAN or SAN.
- Accounts and privileges
For normal use, you can have a guest account with sufficient privileges and avoid using the administrator login, as the malware cannot function in some cases where you are not logged in as an administrator.
- Browser plugins
The most common paths for malware to enter your system is through various plugins installed along with commonly used applications. Thus, downloading and installing any plugins from untrusted sources should be avoided.
These blocked have proved very useful in blocking malicious links to load and execute random scripts in the system
- Online protection
Most of the antivirus provide online protection by scanning spam emails and attachments before loading them into your system to avoid malware attacks such as ransomware.
- Anti-ransomware tools
Tools developed specially for ransomware protection are available from trusted providers which ensure total protection from ransomware attacks by continuously updating the malware repository.