Everything about Ransomware you would want to know
In today’s digital world very much prone to cyber attacks, the most frequent tool used in last year was Ransomware. In the coming year, our world will see cyber attacks every 11 seconds with an approximation of a damage cost of $20 Bn. Every type and size of the business will suffer from this phenomena, but the focus will be more on small businesses due to their unprepared environment for the threat.
What is Ransomware?
In Bollywood or Hollywood films an individual is taken into custody to get some money from his/her first-hand family, and, such cases also happen in real life. Similarly, in this digital world, your computer gets hacked with the help of a malware, encrypting your data in a non-readable format and for returning it to the original state by decrypting the same, you are asked to pay a handsome amount. This version of virus or malware is known as “Ransomware”.
The first demand of Ransomware was detected in 1989 for $ 189, which has now grown to many folds and most of the time the money demanded are in the form of digital currency like Bitcoin. Many cases are known to the world where the victim has paid up millions of dollars to get the data decrypted. Many times it is also observed that Ransomware is used to disrupt Government or business operations of one or more countries and cause a panic situation.
Let’s understand how Ransomware works and how do we need to defend ourselves.
How does Ransomware work?
Ransomware normally enters your computer system through an email or as malware through browser. The email variant, which is a phishing mail, contains a malicious link or an attachment to download. Once opened this link will install the malware in your computer and immediately start encrypting all the files inside your computer systems. If your computer is connected to a network, it will spread like a human infection to other computers and encrypts the data in those computers also. All the extensions of the files will be changes to some weird extension and while trying to open the file a message appears contacting some group or individual to get the decryption code to get your data back!!!
Affected parties normally have two choices, first, if they have data back-ups, they can restore it and start operations with extended security. Secondly, if you do not have data back-ups and your data is very important and sensitive that you cannot afford to lose them, therefore, ending up paying them the ransom amount demanded by the cybercriminals and get the data back. But, in many cases, it also happens that even after paying the ransom, the decryption keys or programs are not given to the suffering parties just for the sake of sadistic pleasure.
Understanding our mistakes, it will defend!
Cybercriminals generally exploit the lack of awareness of employees. Phishing attacks are randomly done to many organizations and most of them do common mistakes leading them to a Ransomware attack. It is observed that most of the organisations do not put on enough efforts to train their employees in reference to likely cyber attacks. Following are the few important points to be observed.
1. Beware of links: Due to lack of training and awareness, employees click on links or attachments which initiates the Ransomware attack.
2. Antivirus: Many times Antivirus software used are free versions which are not capable to defend, not capable to provide upgraded defence mechanism.
3. Illegal Operating Systems: Illegal operating systems installed on computer systems do not provide essential patch updates which provide a defence mechanism against the latest vulnerabilities.
4. Lack of Cybersecurity planning: Most of the Small and Medium organisations do not take Cybersecurity as a serious matter to be considered, therefore, not having any Cybersecurity planning and proactive actions. They fall prey faster to Cybercriminals.
5. Do data back-ups: Having multiple copies of data back-ups on different devices can save your from Ransomware attack after effects.
Can you avoid a Ransomware attack?
Yes, proactive and planned actions can save you from a Ransomware attacks.
Follow these steps:
1. Use legal operating systems, avoid pirated or counterfeit copies.
2. Do not install unknown software from an email link.
3. Use a well-reputed antivirus and keep it always updated.
4. Keep back-ups of your data, multiple copies on different devices.
5. Train your employees to identify spoofs and phishing.
Adopting these simple five steps will defend your fort to a large extent against a Ransomware attack.
Do contact us for any of your cybersecurity needs!
Be alert, be aware, be safe.
_________________________
Kaushik Pandya, Ahmedabad, 27th June 2020
_________________________
The author is a Cyber Security expert and veteran in Information & Communication Technology, running his ICT consultation firm for the last 32 years. He is also heading the Federation of All India IT Associations of India, popularly known as FAIITA. He is also a founder trustee of the Techno Nationalism Foundation.