Are You a Victim of a Ransomware Attack?
Have you ever experienced when you opened your computer
to find it had been locked with a ransom note demanding cash immediately? In
2018 Ransomware attack grew by 350% reaching a total of 812 million infected devices.
Leave a small country like Sri Lanka behind. Let's take a powerful country like
the United States. The Emsisoft Q1 and Q2 2020 research shows that in 2019
Ransomware attacks against 966 U.S. government, healthcare and educational
entities cost $7.5 billion. Scary, right...!? Does your business, institution
ready to deal with this cyber threat? Let's begin our journey
through Ransomware!!!
Before we start, let's know what a Ransomware is. A Ransomware is simply a type of malware (malicious software) designed to deny access to the files on the user’s device. If you are a user, your computer is attacked by encrypting these files which only the malware operator can decrypt them. Ransomware is categorized into two main types as crypto-ransomware and locker ransomware. Crypto ransomware encrypts valuable files on a computer to avoid the user accessing them. Most of the time Cyber thieves conduct crypto-ransomware attacks to make money by demanding that victims pay a ransom to get their files back. In Locker ransomware, it locks the victim out of their device, preventing them from using it without encrypting them. Cybercriminals carrying out locker ransomware attacks will demand a ransom to unlock the device once they are locked out. A wide range of ransomware is out there under these two main types, including Ryuk, Locky, Wanna Cry, Bad Rabbit, Troldesh, and a hundred of thousands of others.
How Does a Ransomware Attack work?
If you are curious about
how these types of attacks work, let me create a simplistic view of a
ransomware attack and how it infects the network of your organization.
The battle begins with
an email sent by a threat actor with an attachment to a malicious link. This
email bypasses the spam filter hitting the user’s inbox. Without thinking
twice, the user opens the malicious email and clicks a link, or downloads an
attachment. Then BOOM! Your poor antivirus fails to block the threat. The
malware .exe is delivered and the payload is executed on to the user’s machine
and files are encrypted by the malware. Now the victim has no escape! Stepping
forward, a ransom note is sent asking for payment in untraceable bitcoin. The
attackers spread the virus through the organization for maximum effectiveness
of the attack.
Are You Vulnerable to a Ransomware Attack?
If you are the attacker,
what is your target? It’s obvious to spread the threat as much as possible. So,
the “Quality over Quantity” would be your preference. That’s why these
cybercriminals target larger organizations and demands more substantial ransom
payments from each target to make a profitable attack. Some of their common
targets are City/ Local Governments, Hospitals, Industrial Sectors, Law Firms,
HR departments, etc. Some organizations become targets as they seem more likely
to pay a ransom quickly. For instance, government agencies and medical
facilities often need immediate access to their files, and Law firms and other
organizations with sensitive data may willing to pay to keep news of a
compromise quiet that is uniquely sensitive to leakware attacks.
Never be a Victim of a Ransomware Attack
It is too late to save your system by the time the ransom
message pops up on a machine. Yet, taking necessary actions can help to protect
against and prevent a ransomware attack from occurring in the first place. Automated Backups that were taken recently will hold you on
paying the ransom, Minimizing
Attack Surface by keeping
vulnerabilities patched, antivirus updated, and unnecessary services disabled
reduces the attack surface, maintaining an Incident
Response Plan to ensure that
the IT/security team properly handles a potential incident, Endpoint Monitoring, and Protection to identifying ransomware infections early, Ransomware Insurance to minimize the cost of recovering from a ransomware
attack could help reduce that vulnerability.
Cutting the Long Story Short
Ransomware is a security
threat to any organization but preventable. If you take the necessary
action as mentioned above to minimize the probability of infection and ensuring
that clean backups are available for system restoration can dramatically
decrease ransomware attacks.
When it comes to ransomware attacks, prevention is always better than cure. Therefore the best thing is to be aware of these things. Nicely explained. Keep it up!
ReplyDeleteOf course, if you take the necessary actions, it is preventable and thank you for sharing your thoughts. I found this article and it would be helpful to know how to avoid these attacks as users. https://www.kaspersky.com/resource-center/threats/how-to-prevent-ransomware
DeleteThis article gave me a comprehensive knowledge about ransomeware.Nicely written.keep it up!! :)
ReplyDeleteThank you Suranga!
DeleteGood read. Never thought ransomware was causing this much damage.
ReplyDeleteThank you Kavi!
DeleteDefinitely haven't been on the know about gravity of ransomware attacks. Very informative and the flow of the post is wonderful. Keep up the good work Ruvishka!
ReplyDeleteThanks Pramodi. Here's some tips to avoid them as users. https://www.kaspersky.com/resource-center/threats/how-to-prevent-ransomware
DeleteAmazing write-up! Thanks for sharing this information with us. Looking forward to read more!
ReplyDeleteThank you so much!
DeleteVery well explained
ReplyDeleteThank you Nuwan!
DeleteVery informative article. Its 2020 and we see Sri Lanka also in the list of countries affected by ransomware attacks.
ReplyDeleteYeah Osura, in Q3 2020 Sri Lanka is listed under top 5 countries affected by ransomware attacks and it is increased by 436%. And you know what? Most of the time these attacks happened while playing Internet games or while trying to obtain cracks from various websites.
DeleteWith the increase in ransomware attacks around the world, it is important to have an idea about these types of attacks to protect against them. A very good article on ransomware.
ReplyDeleteThank you Santhoopa!
Deletewe are at a data world. It is essential to know about these kind of attacks. Thank you for making us aware about those.
ReplyDeleteThank you Rajitha!
Delete