Ransomware does it again

What is ransomware?

Ransomware is a kind of cyber attack that involves hackers taking control of a computer system and blocking access to it until a ransom is paid.

For cyber criminals to gain access to the system they need to download a type of malicious software onto a device within the network. This is often done by getting a victim to click on a link or download it by mistake.

Once the software is on a victim’s computer the hackers can launch an attack that locks all files it can find within a network. This tends to be a gradual process with files being encrypted one after another.

About | Ransomware

What is ransomware?Malicious software that locks a device, such as a computer, tablet or smartphone and then demands a ransom to unlock it

Where did ransomware originate?The first documented case appeared in 2005 in the United States, but quickly spread around the world

How does it affect a computer?The software is normally contained within an attachment to an email that masquerades as something innocent. Once opened it encrypts the hard drive, making it impossible to access or retrieve anything stored on there – such as photographs, documents or music

How can you protect yourself?Anti-virus software can protect your machine, although cybercriminals are constantly working on new ways to override such protection

How much are victims expected to pay?The ransom demanded varies. Victims of a 2017 attack were charged the equivalent of 300 Euro in bitcoin. However, there’s no guarantee that paying will get your data back

What is Wanna Decryptor?

Wanna Decryptor, also known as WannaCry or wcry, is a specific ransomware program that locks all the data on a computer system and leaves the user with only two files: instructions on what to do next and the Wanna Decryptor program itself.

When the software is opened it tells computer users that their files have been encryted, and gives them a few days to pay up, warning that their files will otherwise be deleted. It demands payment in Bitcoin, gives instructions on how to buy it, and provides a Bitcoin address to send it to.

Most computer security companies have ransomware decryption tools that can bypass the software.

How to protect yourself against ransomware attacks

The best protection against ransomware attacks is to have all files backed up in a completely separate system. This means that if you suffer an attack you won’t lost any information to the hackers.

It is difficult to prevent determined hackers from launching a ransomware attack, but exercising caution can help. Cyber attackers need to download the malicious software onto a computer, phone or other connected device.

The most common ways of installing the virus are through compromised emails and websites.

For example, hackers could send an employee a phishing email that looks like it comes from their boss asking them to open a link. But it actually links to a malicious website that surreptitiously downloads the virus onto their computer.

Follow up with : https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

About | Spear phishing

“Phishing” is the practice of sending out emails that purport to be from a well-known source, such as a major bank or utility provider. Clicking any links will take you to a fraudulent site that will harvest any login details you put in and may install malware on your device.

“Spear phishing” is a more targeted version of the above; emails will address you by name and may appear to come from someone senior within your organisation, or from your email provider warning you to change your password.

A 2016 study has shown that some 56 per cent of people will fall for a spear phishing email and click on the links they are sent.

LEAVE A COMMENT