Definition of ransomware
Ransomware is a type of malware that infects victims' files. The attacker then asks the victim for fake money to regain access to the data once it has been paid.
Users are shown instructions on how to pay a fee to get the decryption key. Costs can range from a few hundred dollars to thousands, payable to cybercriminals in ransomware recovery service.
How ransomware works
There are several vectors that may require ransomware to enter a computer. Phishing spam is one of the most common delivery systems - attachments that arrive at the victim in an email, disguised as files they should trust. Once downloaded and opened, they can take control of the victim's computer, especially if they have social engineering tools that involve users in allowing administrative access. . Some other more aggressive ransomware methods, such as NotPetya, exploit security holes to capture computers without attempting to trick users.
Who is the target of the ransomware?
There are several ways that attackers can select the groups they target with the ransomware. Sometimes it's an opportunity - for example, attackers can target universities because they have smaller security teams and a diverse user base that does a lot of file sharing, making it easier to break into their defenses.
On the other hand, some organizations are misleading targets because they appear to be more likely to pay compensation quickly. For example, government agencies or medical facilities often need immediate access to their files. Law firms and other organizations with sensitive data may be willing to pay to keep trading news quiet, and these agencies may be particularly sensitive to beer attacks.
But don't feel safe if you don't answer these categories: as we said, some ransomware spreads automatically and discreetly on the Internet.
How to prevent ransomware
There are several precautionary measures you can take to prevent ransomware infection. These measures are, of course, generally good security practices, so following them will improve your protection from all types of attacks:
Keep your operating system up to date and up to date to make sure you have fewer vulnerabilities to exploit.
Don't install software or give it administrative privileges unless you know exactly what it is and what it does.
Ransomware facts and figures
Ransomware is big business. There is a lot of money in ransomware, and the market has been expanding rapidly since the beginning of the decade. In 2017, ransomware caused $ 5 billion in losses, both in terms of ransom paid and in terms of spending and time lost in recovering from the attacks. It has increased 15 times since 2015. In the first quarter of 2018, only one type of ransomware software, SamSam, raised $ 1 million in ransom.
Some markets are particularly prone to ransomware and ransom payments. Many high-profile ransomware attacks have occurred in hospitals or other medical organizations, making targets tempting: Attackers know that, with lives literally in the balance, these companies are more likely to pay a relatively low ransom to fix a problem.