Guide on Ransomware Attack: How to Prevent and Detect

Ransomware is malicious software. Its main effect is to lock the data on the victim’s computer or device: it encrypts the data so that no one can access it afterwards.

The first ransomware, known as PC Cyborg or AIDS, was created in the late 1980s.

To restore access, the malware demands money, generally around $200 to $500. The data can be decrypted only after the payment is made.

Ransomware locks your personal files such as the gallery, financial information, sensitive data etc. Even after locking, your data is present on your device, but in an encrypted form.

So, your computer or mobile device becomes inaccessible.

Hence, it is essential that you are aware of the types of Ransomware.

Major types of Recent Ransomware Attack

Locky – Infects the Operating System and completely locks all the files and applications. It mainly uses AES Encryption, by which your computer or mobile device becomes inaccessible. It usually spreads through spam E-Mail messages.

Crypto malware – A very dangerous type of ransomware. It encrypts all the files, including those on hard drives. One of the most familiar examples is the destructive 2017 WannaCry ransomware attack. It targeted thousands of computer systems around the world that were running Windows OS and spread itself within corporate networks globally. The victims had to pay a ransom in Bitcoin to retrieve their data.

Scareware – It is software that smartly acts like a cleaning tool or antivirus software. It shows the issues and demands money to resolve them. It either locks the device or floods the screen with Pop-up messages and alerts.

KeRanger – This malicious software infects the Mac operating system through an app called Transmission. It then encrypts all the files and demands a ransom.

Doxware – This type of ransomware is very risky. It threatens to post your stolen information online if you refuse to pay the ransom.

Jigsaw – Jigsaw ransomware deletes the encrypted files one by one until the ransom is paid. So delaying the payment carries the additional disadvantage of losing data.

GoldenEye – It targets the human resources department and spreads through social engineering campaigns.

These are the major types of ransomware attacks. Let’s see who the major targets of ransomware attacks are.

How does Ransomware work?

  1. Organizations holding sensitive information – Organizations that hold Social Security Numbers, medical records, financial data of staff, IPR details, budgets and the like are the most important targets of ransomware attacks. The education field is another major target for the attackers.
  2. Systems with weak security – For example, colleges and universities have weak security systems, yet they share highly confidential information now and then.
  3. Healthcare – Hospitals hold patient records. Ransomware attacks lock the patient data and demand payment.
  4. Human Resource Departments – HR departments are at the highest risk from ransomware attacks. Cyber criminals send job applications that contain malware in the e-mail or in an attachment. When professionals open the e-mail or attachment, the ransomware immediately spreads in their systems.
  5. Organizations that pay immediately – Firms that require immediate access to their files, such as banks, medical record holders and government agencies, will pay quickly to access the data.

Background Study of Ransomware in COVID-19 – What do people say?

The COVID-19 pandemic has brought a lot of cybersecurity threats.

According to Chad Anderson and Tarik Saleh at an internet security company, an app called “COVID19 Tracker”, masquerading as a coronavirus outbreak map tracker, is actually ransomware that locks down your phone and demands that you pay the hackers $100 in bitcoin within 48 hours.

The note says, “Your phone is encrypted: Hence, You have 48 hours to pay 100$ [sic] in bitcoin. Otherwise, everything will be erased.

  1. What will be deleted? Your contacts, your pictures and videos, all social media accounts will be leaked publicly and the phone memory will be completely erased.
  2. How to save it? You need a decryption code that will disarm the app and unlock your data back as it was before.
  3. How to get the decryption code? you need to send 100$ [sic] in bitcoin to the address [sic] below, click the button below to see the code.
    Note: Your GPS is watched and your location is known, If you try anything stupid your phone will be automatically erased”

This is the type of ransomware attack seen in 2020.

Be careful about Ransomware…

  1. Try not to pay the ransom. It only emboldens and validates these attackers. Whether or not the payment is made, there is no guarantee that you will be able to regain access to your files.
  2. Restore any affected files from a known good backup. Restoring your files from backup is the fastest way to regain access to your data.
  3. Do not give out personal information when responding to an email, unsolicited phone call, text message or instant message.
  4. Use good, up-to-date antivirus software and a strong firewall.

How to protect from Ransomware attack?

  1. Keep the OS and apps up-to-date all the time.
  2. Use trusted, up-to-date antivirus software.
  3. Never open .zip attachments in e-mails from unknown senders.
  4. Use security software that is up-to-date.
  5. Don’t open e-mails and attachments from unknown senders.
  6. Back up data to an external hard drive.
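
Items 3 and 5 above can be enforced automatically before a message reaches an inbox. The following is an added example, not code from the original article: it flags .zip attachments when the sender's address is not in a list of known contacts. The function names, the contact list and the sample messages are assumptions made for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import parseaddr

# Assumption: the page names only .zip; extend this set to match local policy.
RISKY_EXTENSIONS = (".zip",)


def risky_attachments(raw_message, known_senders):
    """Return risky attachment names when the sender is not a known contact.

    known_senders is a set of lowercase e-mail addresses (hypothetical list).
    """
    msg = message_from_bytes(raw_message, policy=policy.default)
    # Compare the real address, not the display name, which anyone can set.
    _, address = parseaddr(str(msg.get("From", "")))
    if address.lower() in known_senders:
        return []
    flagged = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").strip().lower()
        if name.endswith(RISKY_EXTENSIONS):
            flagged.append(name)
    return flagged


def build_sample(sender, filename):
    """Constructed test message: a job application with one attachment."""
    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = "hr@example.org"
    msg["Subject"] = "Job application"
    msg.set_content("Please find my CV attached.")
    msg.add_attachment(b"constructed placeholder bytes",
                       maintype="application", subtype="octet-stream",
                       filename=filename)
    return msg.as_bytes()


if __name__ == "__main__":
    known = {"alice@example.org"}
    for sender, filename in [
        ("Alice <alice@example.org>", "report.zip"),
        ("Alice from HR <stranger@example.net>", "CV.pdf.ZIP"),
        ("stranger@example.net", "cv.pdf"),
    ]:
        print(sender, "->", risky_attachments(build_sample(sender, filename), known))
```

The second sample shows why the check reads the address rather than the display name: the name looks familiar, but the address is not a known contact, so the attachment is flagged.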

In closing…

In this guide on ransomware attacks, we have discussed what ransomware is, the types of ransomware, and who its targets are. Following these do’s and don’ts will protect your device as much as possible.
