Wednesday, March 30, 2016

Chit Chat Tech with Kariette E.1 - Ransomware

Have you ever seen something like this in your mailbox?

Virus email.jpg


Think twice before opening it. As a matter of fact, just don't open it, especially if it is from someone you don't know. You should never open attachments from any sender you don't know.


Ever heard of the term ransomware? Perhaps you have, or perhaps you just have an idea of what it is.
According to the definition by Trend Micro:
“Ransomware is a type of malware that prevents or limits users from accessing their system. This type of malware forces its victims to pay the ransom through certain online payment methods in order to grant access to their systems, or to get their data back.”


Yes, it is exactly what it sounds like. Your files are held for ransom, and in order to get them back you will have to cough up some cash: bitcoins or whatever the hackers decide they want!


A Brief History

The first known ransomware attack was in 1989 using the AIDS Trojan/PC Cyborg malware. An infected computer would display a message to the user that one of their programs had expired and they needed to pay $189 to have it restored. The creator was eventually caught and the ransomware genre went underground for several years, though it reappeared briefly in 2005 and 2006. It wasn’t until 2013, with the introduction of CryptoLocker and its subsequent variants and copycats, that ransomware became widely known. (Info via Backblaze)


As stated, the CryptoLocker that appeared in late 2013 has evolved into different versions over the years. The last version I saw was CryptoLocker 4.0, and a variation, or you could say a knockoff, called the Locky virus.


How It Works

Ransomware is not only spread and distributed via email attachments; it can also arrive as a link in an email or through phishing scams.


As an example of how ransomware works, let’s take a look at how CryptoLocker does its work, as described by Backblaze.
  1. When the link is clicked, a Zbot variant is downloaded onto the system and the CryptoLocker ransomware is installed.
  2. The malware is added to the system startup under a random name and then reaches out over the Internet to establish communication with a command and control (C&C) server.
  3. Upon successful communication with the C&C system, the server sends a public encryption key to encrypt the files. It also sends a corresponding Bitcoin address to accept payment.
  4. Using asymmetric encryption, the public key is used to encrypt 70 different types of files on the system. It takes the private key to decrypt the files, and the private key resides with the C&C server.
  5. Once the files are encrypted, the user is presented with a screen similar to the image below, and the countdown begins. If the ransom is paid, the private key is sent to the infected system and the files are decrypted.


Cryptolocker example: CryptoLocker Ransom Screen


Here are some examples of ransomware I have come across in my computer consulting career (photos taken and owned by me):

Locky Virus - Example of how encrypted files appear.


Locky.png

Examples of Ransom Notes


Recovery + Hlrbln.png




So, from this first episode of “Tech Girl Talk”, here is what you need to take away.


Don’t Become a Victim of Ransomware

  • Keep your systems up to date with the latest virus definitions and software patches.
  • Do not open any suspicious or unsolicited emails.
  • Back up all your data daily, or hourly if possible, online and/or to an external drive. If you use an external drive, do a daily backup/snapshot of your computer and then disconnect the drive, so a ransomware infection cannot reach the backup as well.
  • Keep the applications on your computer up to date; know how they are updated (some use pop-ups, email notifications, or separate update applications installed with the original application), and if you don’t know or are unsure about an application update, contact the company and ask.
  • Keep your operating system up to date; make sure you know how the updates are handled: automatically, manually, or by a system administrator (if it is a company computer).
  • Avoid clicking appealing ads, especially for companies you don’t know; if you see an ad and you’re interested, go directly to the website.
  • Only download and install applications, browser extensions, add-ons and plugins from reputable websites.
  • Practice safe clicking and be aware of what is happening on your computer.

Written & Created by Kariette F.
Edited by Vanessa B.
