Ransomware : Attacks And Prevention
Ransomware is a form of malicious software that locks up the files on your computer, encrypts them, and demands that you pay to get your files back. Wanna Decryptor, or WannaCry, is a form of ransomware that affects Microsoft’s Windows operating system. When a system is infected, a pop up window appears, prompting you to pay to recover all your files within three days, with a countdown timer on the left of the window. It adds that if you fail to pay within that time, the fee will be doubled, and if you don’t pay within seven days, you will lose the files forever. Payment is accepted only with Bitcoin.
Several factors have fueled the recent rise in Ransomware Attacks:
- Bitcoin has been a significant factor in the rise in ransomware attacks. The lack of oversight by any governing body coupled with anonymity makes it an ideal currency in ransomware demands.
- The evolution of ransomware-as-a-service (RaaS) has also played a significant role in the proliferation of attacks. RaaS has moved the execution of a ransomware attack from "professional" to "script-kiddie".
- Operating systems lack runtime detection capabilities that could help stop ransomware execution in the early stages possibly even before actual encryption begins.
- Another reason that ransomware continues to proliferate, despite classic delivery methods such as email, is that users have not been properly trained or made aware of the dangers of opening malicious email attachments. This trend highlights a need among organizations to improve web and email security and user security awareness.
Some Tips for Preventing Ransomware :
Prevention is far better than a cure. So here are some tips to protect yourself against ransomware.
Prevention is far better than a cure. So here are some tips to protect yourself against ransomware.
- Don’t enable macros : A lot of ransomware is distributed in Office documents that trick users into enabling macros. Microsoft has just released a new tool in Office 2016 that can limit the functionality of macros by preventing you from enabling them on documents downloaded from the internet.
- Be very careful about opening unsolicited attachments : Most Windows ransomware in recent months has been embedded in documents distributed as email attachments.
- Segment the company network : Separate functional areas with a firewall, e.g., the client and server networks, so systems and services can only be accessed if really necessary.
- Patch, patch, patch : Malware that doesn’t come in via document macros often relies on bugs in software and applications. When you apply security patches, you give the cybercriminals fewer options for infecting you with ransomware.
- Don’t give yourself more login power than necessary : Don’t stay logged in as an administrator any longer than necessary. Avoid browsing, opening documents or other regular work activities while logged in as administrator.
- Back up your files regularly and keep a recent backup off-site : The only backup you’ll ever regret is one you left for “another day.” Backups can protect your data against more than just ransomware: theft, fire, flood or accidental deletion all have the same effect. Make sure you encrypt the backed up data so only you can restore it.
Comments
Post a Comment