Now Hiring: Are you a driven and motivated 1st Line IT Support Engineer?

What is Ransomware?

Cyber Security / Cyber Security Threats / Tips

What is Ransomware?

Ransomware is malicious software that infects your computer and displays messages demanding a fee to be paid in order for your system to work again. This class of malware is a criminal money making scheme that can be installed through deceptive links in an email message, instant message or website. It has the ability to lock a computer screen or encrypt important, predetermined files with a password.

There are several things the malware might do once it’s taken over the victim’s computer, but by far the most common action is to encrypt some or all of the user’s files. If you want the technical details, the Infosec Institute has a great in-depth look at how several flavors of ransomware encrypt files. But the most important thing to know is that at the end of the process, the files cannot be decrypted without a mathematical key known only by the attacker. The user is presented with a message explaining that their files are now inaccessible and will only be decrypted if the victim sends an untraceable Bitcoin payment to the attacker.

Examples of Ransomware

Scareware is the simplest type of ransomware. It uses scare tactics or intimidation to trick victims into paying up. It can come in the form of fake antivirus software in which a message suddenly appears claiming your computer has various issues and an online payment is necessary to fix them!

The level of this type of attack varies. Sometimes, users may be bombarded with endless alerts and pop-up messages. Other times, the computer will fail to work at all. Yet, another type of ransomware can impersonate a law enforcement agency by opening up a page that appears to be from a local law enforcement office and claiming the computer user was caught performing illegal activities online. Files are then locked in hard-to-crack, encrypted files, making it difficult for users to recover unless the ransom is paid.

Typical attacks usually ask for $100 to $200. Other attacks seek much more, especially if the attacker knows the data being held hostage would cause a significant direct financial loss to a company. As a result, cybercriminals who set up these scams can make big sums of money.

No matter what the scenario, even if the ransom is paid, there is no guarantee that computer users will be able to fully access their systems again. While some hackers direct victims to pay through Bitcoin, MoneyPak or other online methods, attackers could also demand credit card data, adding another level of financial loss.

Leave your thought here

Your email address will not be published. Required fields are marked *