


Ransom fees rose continuously by 43% in the last quarters of 2020, to an average of US$200,000. A ransomware attack does not just demand a hefty fee from the victim; it also compromises the victim's security, so that the targeted company needs to pay a fee for the security breach. Recent ransomware attacks have been accompanied by the extraction of company data and the threat to release this sensitive information unless further payments are made. Some organisations had to go through this ordeal in the first four months of 2021, when three-quarters of ransomware attacks were tied to such insidious threats. One recent case is that of CNA Financial, which had to pay US$40 million in late March. The cyber criminals' goal was not financial gain; they had an ulterior motive: obtaining access to CNA's client database in order to threaten the organisation and to list customers who had bought cyber insurance with a ransomware payment rider, so as to find the most lucrative victims.

How does ransomware work?

There is a plethora of ways in which ransomware can gain access to a device. The most conventional way is phishing spam. On the more tenacious side, exploit-based malware like NotPetya is used to infect devices without having to trick or manipulate users. After the malware has successfully infected the targeted device, all files and data are encrypted, and they cannot be decrypted without the mathematical key that only the attacker possesses. The victim is informed that the files are inaccessible and that, in order to decrypt them, a Bitcoin payment has to be sent to the attacker. Malware can also pose as a law enforcement agency, claiming that the victim's device has been shut down due to the detection of pornography or pirated software. The attacker then demands a "fine", which makes it less likely that the victim will report the attack to local authorities.

Another variation of ransomware is leakware or doxware, whereby the attacker threatens to leak the victim's confidential data unless a fee is paid. Overall, encryption ransomware is the most common type of ransomware attack, since extracting and obtaining such information can be tricky for attackers.

How to prevent Ransomware attacks?

Below are preventative measures that one can implement in order to deter ransomware attacks:

– Verify that operating systems are updated and patched. That way, the attacker will have fewer vulnerabilities to exploit.

– Avoid installing software or granting it admin privileges unless the user knows precisely what it is and what tasks it performs.

– Install antivirus software, which will identify and alert the user about any malicious programs, and whitelisting software, which deters unauthorised applications from executing.

– Ensure backups are done frequently. It is better to automate the backups in case a user forgets to back up his/her files manually. Note that this solution will not prevent the attack, but it will mitigate the damage caused by the ransomware.
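
An automated backup only mitigates the damage if it does not replace the last clean copy with files that have already been encrypted. The sketch below is an added example, not code from the original article: a snapshot routine, meant to be run from a scheduler, that skips rotation when most previously backed-up files have changed since the last snapshot. The function names, the `snap-NNNNNN` folder naming and the 50% threshold are assumptions made for illustration, and the destination folder is assumed to hold only these snapshots and to lie outside the source folder.

```python
import hashlib
import shutil
from pathlib import Path

CHANGE_THRESHOLD = 0.5  # assumed policy: over half of known files changed is abnormal


def manifest(root: Path) -> dict:
    """Map each file's path (relative to root) to its SHA-256 digest."""
    return {
        str(p.relative_to(root)): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*")) if p.is_file()
    }


def changed_ratio(old: dict, new: dict) -> float:
    """Fraction of previously backed-up files that are now modified or missing."""
    if not old:
        return 0.0
    return sum(1 for path, digest in old.items() if new.get(path) != digest) / len(old)


def backup(source: Path, dest: Path, keep: int = 3):
    """Snapshot source into dest; return (snapshot_path, suspicious)."""
    dest.mkdir(parents=True, exist_ok=True)
    snapshots = sorted(d for d in dest.iterdir() if d.is_dir())
    previous = manifest(snapshots[-1]) if snapshots else {}
    suspicious = changed_ratio(previous, manifest(source)) > CHANGE_THRESHOLD

    # Sequence-numbered names sort in creation order.
    seq = int(snapshots[-1].name.split("-")[1]) + 1 if snapshots else 0
    snapshot = dest / f"snap-{seq:06d}"
    shutil.copytree(source, snapshot)

    # A mass change may mean the files were encrypted: keep every older
    # snapshot so the last clean copy survives, and let the caller alert.
    if not suspicious:
        for old in snapshots[: max(0, len(snapshots) + 1 - keep)]:
            shutil.rmtree(old)
    return snapshot, suspicious
```

Renamed files count as changed too, because their old paths no longer appear in the new manifest.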
