Ransomware is one of the most dangerous types of malware out there with the potential to render all your personal files and folders unusable. Despite being in existence for over 30 years, ransomware is still one of the most common and potent cyberattacks globally.
To define it formally, ransomware (ransom malware) is a category of malware that prevents a user from accessing their files or system and in exchange for access rights, demands a ransom payment.
During the early days of ransomware in the late 1980s, payments were to be made via snail mail. But today, ransomware authors demand payment through cryptocurrency which makes it near impossible to track down the attackers.
In this blog post, we provide a guide to ransomware including its various types and how you can protect yourself against it.
What Makes Ransomware Dangerous?
Like most malware, ransomware can install itself when you click on a link or download an attachment via email and run in the background of your system without your knowledge. However, unlike other forms of malware, ransomware does not remain hidden – once it executes, it makes all your files unusable and then demands a ransom.
Ransomware spreads quickly through your entire filesystem and network and hence can cause chaos across your organization by making important data inaccessible. Even if you pay the ransom, there is no guarantee that your files can be made accessible since most ransomware authors either demand more ransom or never return the key. For businesses and individuals, this can lead to loss of gigabytes and terabytes of data at the least, and financial loss of over millions in most cases.
WannaCry, GandCrab, NotPetya are all examples of recent ransomware attacks that have affected thousands of businesses worldwide. On average, it is estimated that the cost of a ransomware attack (including ransomware payouts and penalties) is approximately $4 million. What is more, is that businesses are the primary target of ransomware since 2018 with almost 88% of ransomware attacks focused on organizations.
Types of Ransomware:
Ransomware comes in all shapes and sizes. Some variants of ransomware are not as harmful as others, but all of them demand a ransom. Here are the most common types of ransomware:
- Encrypting Ransomware: The most widely used and harmful form of ransomware is crypto-ware that encrypts your data and renders them unusable without a decryption key (which you get in exchange for ransomware). WannaCry, a ransomware attack launched in 2017, remains one of the most destructive threats to date.
- Lockers: Lockers, or screen-lockers, is ransomware that infects the operating system and locks you out of your system, making it impossible for you to access your files. This is common on Android devices but can affect other mobile devices as well.
- Doxware: Also known as extortionware and leakware, doxware is ransomware that threatens to publish your sensitive stolen information online if you do not pay a ransom. For businesses and individuals that have critical data on their devices, they often pay to protect their information from being publicized.
- Scareware: Perhaps the least threatening yet still common form of ransomware is scareware. It is a fake software that behaves like antivirus software and provokes you to solve fake ‘issues’ and ‘security problems’ on your system in exchange for money. Some scareware lock you out from your device but others just flood your screen with pop-ups and alerts.
- Ransomware for Mac and Mobile Devices: Some forms of ransomware have evolved sufficiently to target even the more secure operating systems such as Mac and mobile devices. Attackers can penetrate the system through malicious apps and software.
Who are the Victims?
Ransomware is not just limited to business, but it is often targeted because of the nature of the malware. Cybercriminals can choose who they attack with ransomware to maximize their financial gain. Here are the most popular target groups of ransomware for attackers:
- Institutes or groups that have little or no security. Universities, individuals, and small businesses often fall into this category.
- Organizations that can pay large amounts quickly and will make the payment because of the critical information involved. Government firms, banks, medical centers, and other financial institutes cover this category since they need access to their files immediately.
- Firms that hold, share, or otherwise store sensitive information such as law firms, healthcare institutions, and similar groups can be targeted because the information being compromised is far more valuable than the ransom for the cybercriminals.
How to Protect Yourself?
Ransomware can cause havoc once it gets access to your system and files, so the best way to protect yourself is to not let that happen. Here are a few effective tips on how to protect yourself against ransomware:
- Open attachments from trusted and familiar sources only: Email attachments are the most common channel for ransomware delivery. Even if you receive a legitimate-looking email, never download the attachment unless you are familiar with and trust the sender.
- Keep your operating system and software updated: Keeping your software, operating system, and particularly your antivirus up to date can help protect your system against all kinds of malware, including ransomware. Security patches are frequently sent out by vendors to ensure that vulnerabilities are addressed to make it more difficult for cybercriminals to infect your system.
- Never click on links from unknown sources: Avoid clicking on any links that you come across whether it is on email or an unfamiliar website. Often, such links will start downloading as soon as you click them, hence infecting your system. You should always download software and files from links that you trust and are familiar with. If ever unsure about a link or file that you receive from an unknown source or sender, run it through your security team first.
- Backup all important data regularly: Ransomware leverages the fact that most people do not have backups of their information which leads to panic. If you regularly backup all your important data to external drives or the cloud then you can simply restore all your files once the infection has been cleaned.
Ransomware has been around for more than 30 years but its new variants of the threat are still emerging. As this potent type of malware evolves, businesses must understand how to minimize the risk of exposure. We have provided a comprehensive guide to help you understand what ransomware is, how it can affect you, and what you can do to protect yourself from becoming the next target of ransomware.
Apvera is a cybersecurity partner that helps you identify and patch vulnerabilities in your system to ensure that you remain protected against ransomware and other threats. If you would like further guidance on how to prevent your data from being held ransom then get in touch with our team.