--------------or--------------
|
What is a Ransomware Attack?Despite the efforts of cyber security professionals all over the world, cyber risks are on the rise, hitting the critical services of even high- profile companies. Among these, ransomware attacks are garnering more attention recently. Ransomware attacks represent a specific model of attack which capitalizes on the fear factor of the victims. In ransomware attacks, the victim’s system gets infected using phishing emails or direct downloads and then the attacker uses scare tactics for extorting money from them, by preventing or restricting the access to their critical data files. Over the years, ransomware attacks have evolved into a highly profitable business model and cyber criminals by using sophisticated methods of encryption, advanced payment options and means of enticing users are realizing the potential of it. Leading Global Cyber security organization Symantec reveals that “ransomware attacks are growing in number, sophistication and menace and over 100 new ransomware families were identified in the year 2015 alone”. The global losses based on ransomware attacks are now running into 100s of millions of dollars. Ransomware mostly is self-propagating in nature and holds the power to infect an entire organization, if a single system gets infected by it. Ransomware can restrict the access of the user by encrypting the most sensitive data files or can lock down the system completely. Designed for direct revenue generation, the perpetuators can then use the scare tactics and demand a huge ransomware for restoring the service. The most preferred payment method for ransomware attackers are bitcoins, a typical type of digital currency, which gives the advantage of non-traceability in online money transactions. The most common type of ransomware is the Crypto ransomware which aims to encrypt the victim’s sensitive data files. The second common type of ransomware is the Locker ransomware which locks the victim’s computer and denies the access. |
|
Target and Implications of Ransomware AttacksThe target of ransomware attacks can be both consumers and organizations which include- home users, small to large businesses, public or Government agencies, and even politicians / celebrities. The ransomware attacks target sensitive information including business proposals, personal information, bank details, passwords, customer information etc. which a breach can create catastrophic effects in business or in the life of individuals. The user will not be able to access a ransomware hit machine as the attacker takes control of the critical files and encrypts it. The consequences of ransomware attacks include loss of sensitive information either temporarily or permanently, interruption in the regular operation or functioning of services, financial losses as well as reputational damage for the victims. In most of the instances, the recovery of data will be extremely difficult and may require the assistance of data recovery specialists. |
|
How do Ransomware Attacks Work?There are various methods in which a ransomware can hit a consumer or an organization. One of the prominent methods to spread ransomware is through malicious spam emails, which are usually distributed using botnets. This can happen through social engineering tactics or direct download as well. The email or the downloaded file contains a malicious attachment and once the victim access this, it can encrypt the data inside the system or can lock the system based on the type of the malware. The server then notifies the victim demanding a ransomware to decrypt the files or unlock the system. The attackers may induce the fear tactics by introducing a countdown clock to pay the ransom which usually says once the deadline is crossed it will destroy the encryption key or double the ransom amount. Apparently, paying the ransom is not a guarantee as the consumer or organization may still loose the files even after the payment of ransom. |
|
|
--------------or--------------
