What is Ransomware

What is Ransomware 5mgjANQ

Never before in the history of human kind have people across the world been subjected to extortion on a massive scale as they are today. In recent years, personal use of computers and the internet has exploded and, along with this massive growth, cybercriminals have emerged to feed off this burgeoning market, targeting innocent users with a wide range of malware. The vast majority of these threats are aimed at directly or indirectly making money from the victims. Today, ransomware has emerged as one of the most troublesome malware categories of our time.

Ransomware is a form of malicious software (or malware) that, once it's infected your computer, threatens you with harm, usually by denying you access to your data. The attacker demands a ransom from the victim, promising — not always truthfully — to restore access to the data upon payment.

What is Ransomware F8tLhg7

Users are shown instructions for how to pay a fee to get the decryption key. The costs can range from a few hundred dollars to thousands, payable to cybercriminals in Bitcoin.

The first recorded ransomware attack occurred in 1989, when evolutionary biologist Joseph Popp infected floppy disks with the AIDS Trojan and distributed them to fellow researchers. The malware didn’t run immediately, but instead waited until victims booted their PCs 90 times. Finally, it encrypted all system files and asked users to pay $189 to undo the damage. Luckily, experts came up with tools to remove the malware and decrypt infected files.


Ransomware is not a virus because virus infect your files or software, and have the ability to replicate, but ransomware scrambles your files to render them unusable, then demands you pay up. They can both be removed with an antivirus, but if your files are encrypted chances are you’ll never get them back.


The most common form of ransomware is an extension of rogue security software. In this scenario, the malware you inadvertently install in response to the bogus spyware or virus report actually disables your files or critical programs until you purchase whatever software it is that they’re trying to sell. Sometimes, however, the scammers give up the pretense of selling a product and are just upfront about the extortion.


There are two basic types of ransomware in circulation. The most common type today is crypto ransomware, which aims to encrypt personal data and files. The other, known as locker ransomware, is designed to lock the computer, preventing victims from using it. Crypto ransomware doesn’t necessarily have to use encryption to stop users from accessing their data, but the vast majority of it does. Both types of ransomware are aimed squarely at our digital lifestyle. They are designed to deny us access to something we want or need and offer to return what is rightfully ours on payment of a ransom. Despite having similar objectives, the approaches taken by each type of ransomware are quite different.




Systems Impacted by Ransomware

Cybercriminals behind ransomware are constantly innovating. With more connected devices around, we can expect to see ransomware appear in new device categories where they were never seen before. Modern ransomware can impact many different types of systems. With the increasing computerization of everyday activities, we are finding that computers are becoming ubiquitous and can be found almost everywhere. Trends such as IoT will widen the horizon further for computerization. There are already lightweight
Linux-based systems in many types of small gadgets and household appliances, such as portable media players, routers, refrigerators, TVs, mobile phones, tablets, set top boxes, network-attached storage (NAS) devices, and surveillance cameras. Most of these can potentially be targeted with ransomware attacks.

Your Android mobile devices aren’t safe from ransomware either. There’s even a WannaCry copycat which spreads on gaming forums and targets Android devices in China. Since data can easily be restored by syncing devices, cyber criminals often prefer blocking your smartphone instead of just encrypting files.

Even though it takes more than opening an email attachment or clicking on a link to infect Apple devices, Mac ransomware is also on the rise. The latest malware affecting Macs appears to have been coded by software engineers with a specialty in OS X. Cyber criminals often target iCloud accounts or attempt to lock smartphones through the Find My iPhone system.

However, at this time, the most frequently targeted computing environments for ransomware are personal computers, mobile devices, and servers.






Targets for Ransomware

The cybercriminals behind ransomware do not particularly care who their victims are, as long as they are willing to pay the ransom. With this in mind, it is easy to see why the cybercriminals tend to take a scatter-gun approach to propagating the ransomware, casting a wide net across targeted regions and types of users. With the cybercriminals hitting millions of users worldwide, if even a small percentage of victims pay the ransom, then it could make the scheme worthwhile. This is why our default recommendation is not to pay the ransom.





Conclusion

Today’s ransomware is a sophisticated threat affecting users in many regions worldwide, particularly those living in developed and high-tech economies. The ransomware world is like any real life ecosystem. Threats that can adapt and evolve to their surroundings can survive and even thrive, while those that can’t or won’t adapt may eventually disappear. The ransomware world is a good example of where Darwinian-style evolution is at work.


Did you find this tutorial helpful? Don’t forget to share your views with us.