Are You a Victim of a Ransomware Attack?

Have you ever experienced when you opened your computer to find it had been locked with a ransom note demanding cash immediately? In 2018 Ransomware attack grew by 350% reaching a total of 812 million infected devices. Leave a small country like Sri Lanka behind. Let's take a powerful country like the United States. The Emsisoft Q1 and Q2 2020 research shows that in 2019 Ransomware attacks against 966 U.S. government, healthcare and educational entities cost $7.5 billion. Scary, right...!? Does your business, institution ready to deal with this cyber threat? Let's begin our journey through Ransomware!!!

 

Before we start, let's know what a Ransomware is. A Ransomware is simply a type of malware (malicious software) designed to deny access to the files on the user’s device. If you are a user, your computer is attacked by encrypting these files which only the malware operator can decrypt them. Ransomware is categorized into two main types as crypto-ransomware and locker ransomware. Crypto ransomware encrypts valuable files on a computer to avoid the user accessing them. Most of the time Cyber thieves conduct crypto-ransomware attacks to make money by demanding that victims pay a ransom to get their files back. In Locker ransomware, it locks the victim out of their device, preventing them from using it without encrypting them. Cybercriminals carrying out locker ransomware attacks will demand a ransom to unlock the device once they are locked out. A wide range of ransomware is out there under these two main types, including Ryuk, Locky, Wanna Cry, Bad Rabbit, Troldesh, and a hundred of thousands of others.

 

How Does a Ransomware Attack work?


If you are curious about how these types of attacks work, let me create a simplistic view of a ransomware attack and how it infects the network of your organization.

 

The battle begins with an email sent by a threat actor with an attachment to a malicious link. This email bypasses the spam filter hitting the user’s inbox. Without thinking twice, the user opens the malicious email and clicks a link, or downloads an attachment. Then BOOM! Your poor antivirus fails to block the threat. The malware .exe is delivered and the payload is executed on to the user’s machine and files are encrypted by the malware. Now the victim has no escape! Stepping forward, a ransom note is sent asking for payment in untraceable bitcoin. The attackers spread the virus through the organization for maximum effectiveness of the attack.

 

Are You Vulnerable to a Ransomware Attack?

 

If you are the attacker, what is your target? It’s obvious to spread the threat as much as possible. So, the “Quality over Quantity” would be your preference. That’s why these cybercriminals target larger organizations and demands more substantial ransom payments from each target to make a profitable attack. Some of their common targets are City/ Local Governments, Hospitals, Industrial Sectors, Law Firms, HR departments, etc. Some organizations become targets as they seem more likely to pay a ransom quickly. For instance, government agencies and medical facilities often need immediate access to their files, and Law firms and other organizations with sensitive data may willing to pay to keep news of a compromise quiet that is uniquely sensitive to leakware attacks.

 

Never be a Victim of a Ransomware Attack

 

It is too late to save your system by the time the ransom message pops up on a machine. Yet, taking necessary actions can help to protect against and prevent a ransomware attack from occurring in the first place. Automated Backups that were taken recently will hold you on paying the ransom, Minimizing Attack Surface by keeping vulnerabilities patched, antivirus updated, and unnecessary services disabled reduces the attack surface, maintaining an Incident Response Plan to ensure that the IT/security team properly handles a potential incident, Endpoint Monitoring, and Protection to identifying ransomware infections early, Ransomware Insurance to minimize the cost of recovering from a ransomware attack could help reduce that vulnerability.

 

Cutting the Long Story Short

 

Ransomware is a security threat to any organization but preventable. If you take the necessary action as mentioned above to minimize the probability of infection and ensuring that clean backups are available for system restoration can dramatically decrease ransomware attacks.


Reference

Comments

  1. When it comes to ransomware attacks, prevention is always better than cure. Therefore the best thing is to be aware of these things. Nicely explained. Keep it up!

    ReplyDelete
    Replies
    1. Of course, if you take the necessary actions, it is preventable and thank you for sharing your thoughts. I found this article and it would be helpful to know how to avoid these attacks as users. https://www.kaspersky.com/resource-center/threats/how-to-prevent-ransomware

      Delete
  2. This article gave me a comprehensive knowledge about ransomeware.Nicely written.keep it up!! :)

    ReplyDelete
  3. Good read. Never thought ransomware was causing this much damage.

    ReplyDelete
  4. Definitely haven't been on the know about gravity of ransomware attacks. Very informative and the flow of the post is wonderful. Keep up the good work Ruvishka!

    ReplyDelete
    Replies
    1. Thanks Pramodi. Here's some tips to avoid them as users. https://www.kaspersky.com/resource-center/threats/how-to-prevent-ransomware

      Delete
  5. Amazing write-up! Thanks for sharing this information with us. Looking forward to read more!

    ReplyDelete
  6. Very informative article. Its 2020 and we see Sri Lanka also in the list of countries affected by ransomware attacks.

    ReplyDelete
    Replies
    1. Yeah Osura, in Q3 2020 Sri Lanka is listed under top 5 countries affected by ransomware attacks and it is increased by 436%. And you know what? Most of the time these attacks happened while playing Internet games or while trying to obtain cracks from various websites.

      Delete
  7. With the increase in ransomware attacks around the world, it is important to have an idea about these types of attacks to protect against them. A very good article on ransomware.

    ReplyDelete
  8. we are at a data world. It is essential to know about these kind of attacks. Thank you for making us aware about those.

    ReplyDelete

Post a Comment

Popular posts from this blog

Why an Effective Security Operations Center (SOC) is Essential for Your Organization?

Let’s Mitigate the Cyber Treats in Video Surveillance