Ransomware remains a booming business in 2016?
We are almost at end of 2016 and we have seen a stiff graph of Ransomware attacks in 2016.
According to email security statistics
- Osterman Research June 2016 survey says that almost one out of every two participants indicated their organization had suffered an at least one ransomware attack in 12 months
- Average number of ransomware infections are between 23,000 and 35,000 per month in 2015, according to Symantec. The spike to 56,000 in March 2016 increased with the arrival of Locky ransomware.
- Victims paid $209 million to ransomeware Criminals in Q1 2016 according to FBI
- Barkly survey states that less than half of ransomware victims fully recover their data, even with backup
- 59% ransomware infections are through emails with malicious links and attachment. According to the Osterman Research survey, users are likely to be infected by clicking something in an email.
So it is always better to
" Prepare and Prevent Than Repair and Repent"
With this quote in mind, I am covering here :
- What is Ransomware? How is it different from other malware?
- How Ransomwares infect your system?
- What are the different types of Ransomwares ?
- Why we cant get hold of attackers?
- How do we protect ourselves against Ransomwares?
1. What is Ransomware?How is it different from other malware?
Ransomware is a malware that locks your files, documents and applications, and demands cash from you if you need to get those files or apps back.
Other malwares, like viruses, trojan horses etc, corrupt the system or steal some sensitive data, but rarely get any monetary benefit.Unlike other malware, Ransomware locks your system, files and apps, and demands money providing monetary benefit to hackers.
2. How Ransomwares infect your system?
Earlier ransomware were to a great extent prevalent in Russia, contaminating a huge number of computer systems. These sort of malware are harder to distinguish
- Most of them can enter your system through files of already infected system, email attachments or from already existing malware.
- It may not start infecting your system immediately.
- It remains in hidden stage initially.During this period, it copies all your files into encrypted copies and deletes the originals.
- If it encrypts your files, you cant access that file. You are left with files but cant open any.
- After encrypting all files it will notify you about its presence. It will show you a message to pay a certain amount of money in the form of bitcoins.Bitcoins are a cyber-currency that are very difficult to be traced to the receiver.
- This leaves you in complete mess of loosing files.
3. What are the different types of Ransomwares?
Ransomwares are classified as :
Encrypting ransomwares are those who encrypt the files, apps of your system and demand a ransom to un-encrypt them. Usually encryption is done using a algorithm that may take several years to break them. So only way user can get his files back by giving the ransom amount and getting the unlock key. This is the most harmful ransomware.
Non-encrypting one doesn’t encrypt files, but rather blocks access to them and shows irritating messages when you try to access them. This is a less harmful ransomwares and the user can easily get rid of them by taking backup of important files and installing the operating system again.
4. Why we cant get hold of attackers?
Most of the ransomwares originates from Russia. While these people do demand cash, but the payment is in form of bitcoins, crypto-currency known for its anonymity and not leaving any traces.
5. How do we protect ourselves against Ransomwares?
Few preventive tips are:
- Have a backup of all your files
- Pay attention to your PC’s behavior.
- Avoid shady sites and have a good anti-virus program.
- Be careful when opening new e-mails from unknown senders.
This blog was published in Logix.in