So what is Ransomware anyways?
Malware is software used to infect a computer.
Ransomware is a specific type of malware that encrypts the user’s files and holds them hostage until the user pays the intruder a sum of money, hence the name “ransomware.”
Are there different types of Ransomware?
There are many different types of Ransomware attacks:
Attack Type #1: Locky
This method can encrypt 160 file types. Intruders social engineer a user to download infected email attachments which will install malware that will encrypt their files, making them a victim to ransomware.
Attack Type #2: Drive-by (ie. Bad Rabbit)
In this method, the intruder compromises a legitimate website. A user would then access the compromised website and click to install a software, but in reality its malware. Downloading the malware would then make the user victim to the drive-by method of ransomware.
Attack Type #3: Jigsaw
Once the malware is installed on a computer, Jigsaw will continuously delete files from the computer until the user has paid a ransom to the user making them a victim to Jigsaw.
Attack Type #4: Petya
This method is different from the other types of ransomware as Petya encrypts the entire computer system. More specifically, Petya overwrites the master boot record, causing the computer to execute a malicious payload that encrypts the rest of the partitions on the computer’s storage devices.
To check out other types of ransomware attacks, click here!
What techniques does Ransomware typically employ?
There are many ways ransomware can encrypt your computer.
Ransomware can overwrite original files with the encrypted versions, encrypt files after unlinking the original files, or encrypt your files and delete the original files.
How does Ransomware get into your system?
Ransomware can be spread through phishing emails that contain malicious attachments, which when downloaded will infect your computer and the network it’s on.
It can also be downloaded via drive-by downloading, where the user visits a malicious website that downloads malicious software when visited or clicked on.
Who should be concerned about Ransomware?
Ransomware is a threat to everyone using a computer and the internet.
It is far more likely for cybercriminals to target businesses, especially small businesses as they have less protection and resources to pursue an attacker.
If you are a business owner or employee you should be researching and taking extra precautions to prevent your company from falling victim to a ransomware attack.
What can you do to prevent Ransomware attacks?
The key to preventing ransomware or any other cyber attack is to educate yourself and your employees on how to spot malicious attacks.
Ransomware can only enter your network through emails or by clicking on malicious links, so teaching your employees to properly spot malicious messages and links is the best way to prevent a ransomware attack.
How do Ransomware Simulations work?
Ransomware simulators are to be run on your network and usually mimic different operations performed by real ransomware, but without actually harming the users’ files.
Why would I want to simulate a ransomware attack?
Simulating a ransomware attack can be critical to evaluating how your security measures deal with real ransomware.
Good anti-ransomware products should be able to defend your system.
Running these simulations can also reveal how your employees would react to a ransomware attack.