what is ransomware?

what is ransomware?

Ransomware is malicious software that manifests itself in several different ways, affecting individual systems, business networks, hospitals, airports and government units.

Ransomware has been officially developed since its first appearance in 1989 and is becoming more and more sophisticated. Simple forms are generally unencrypted ransomware, while modern versions make them inaccessible using cryptography methods to encrypt files. Encrypted ransomware can also be used on the hard drive to completely lock a computer's operating system, preventing the victim from accessing them. The main purpose here is to convince the victim to pay the ransom for deciphering. Payments are often requested in cryptocurrencies (Bitcoin or other cryptocurrencies) as they are difficult to trace. However, there is no guarantee that the attackers will decipher in exchange for payments. 

The popularity of ransomware has increased significantly over the past decade (especially in 2017), and as Europol reports ( IOCTA 2018 ) are currently the most widely used malware as a financial cyber attack type.

How is it transmitted?

Phishing: a recurring form of social engineering. Phishing emails in the context of ransomware are one of the most common methods of spreading malware. Victims are usually transmitted through dangerous email attachments or links that seem real. Even having a single victim in a computer network is enough to endanger the entire organization. 

Abuse kits: consists of a package containing different malware and a pre-written exploit code. These kits are designed to exploit problems and weaknesses in software applications and operating systems to spread malware. (Unsafe systems using outdated software are the most common targets)

Malicious ad: Attackers use ad networks to spread malware.

How do you protect yourself from ransomware?

Use outsourcing to back up your files regularly so you can replace the data when a potential infection is fixed

Be careful with email attachments and links. Avoid clicking websites or links of unknown sources

Install a reliable antivirus program and keep your software applications and operating system up to date

Enable the 'show file extensions' option in your Windows settings, so you can easily check the extension of your files. Avoid files with extensions like .exe, .vbs, .scr.

Avoid sites that are not protected by the HTTPS protocol (for example, whose URL starts 'https: //'). However, keep in mind that many malicious websites use the HTTPS protocol to confuse victims, and only the protocol does not guarantee that a website is legitimate and reliable.

Visit Nomoreransom.org, a website built by ransomware lawmakers and IT security companies. The site provides free decipher packs and some preventive measures for users infected with malware.