In 2013, Cryptolocker ransomware came into the light and set the world of cyber security on fire. It was recognized as the modern age ransomware. Later on, more lethal and more dangerous ransomware followed Cryptolocker and raised some serious questions to organizations’ security. The best part of these ransomware attacks was the awareness. The world became more aware about cyber security and there was universal agreement made that security is the essential ingredient now a days to protect the organizations data and assets.
In the recent years, there are so many ransomware identified which shook the world and the impact it had was phenomenal and got the eyeballs of every single organization. It doesn’t matter what’s the volume of your organization or what kind of data you are dealing with on a daily basis, ransomware is not gonna spare you. Period!
Cybersecurity ventures has revealed some interesting and threatening facts in their annual report regarding ransomware impact.
- Every 40 seconds a business falls victim to a ransomware attack.
- Cybersecurity Ventures predicts that will rise to every 14 seconds by 2019.
- The FBI estimates that the total amount of ransom payments approaches $1 billion annually.
- Global ransomware damage costs are predicted to exceed $5 billion in 2017, up more than 15X from 2015.
WannaCry, NotPetya, CrySis, Jaff, Spora, Jigsaw, Nemucod, Locky, SynAck, Cloudbleed, SimpleLocker, TeslaCrypt are the popular ransomware that were in headlines for long time. So. What is this all Ransomware? What exactly it does? Should I worry about it? If I’m vulnerable, how to tackle with it? Well, we’ve got you and have the answers to your questions in our kitty.
What the hack is Ransomware?
Ransomware is a malware or you can say malicious software which infects computers and restricts their access to files, often threatening permanent data destruction unless a ransom is paid.
Ransomware can infect the servers, network devices, computers, attached devices (USB, HDDs etc.
As the name suggests, Ransomware are spread with an aim to recuperate some handsome ransom from the organizations in exchange to release or give access to their own data.
Should I worry?
Of course, you should worry. As per the reports of Trendmicro, 29 ransoms were identified in the year of 2015 and there was a significant growth in the numbers in the next year,2016 and it reached to 247- 752% increase. Damn! That number it self says the growth rate in ransom and how dangerous it can be in the coming time. Well, the trend continued in the year 2017 as well when WannaCry and Petya were detected. WannaCry took the cyber world by storm with its arrival.
You should worry because if you install any malicious software without your knowledge, it will hijack your OS/File system and infect them like anything. All your data will be locked and the irony is you need to pay ransom which is asked or forget your data. Obviously, you will pay if the data is too much critical for you.
So you gotta need to be careful while downloading or installing the softwares. In fact, there is need to be careful while surfing the internet. You never know when you are redirected to the malicious sites and forced to download the softwares which are vulnerable and make your life worse at least.
How exactly these Ransomware works?
The most common medium which helps ransomware spread its wings and trick the users into the trap is PHISHING.
The attacker sends malicious links to the user and give the best shot to convince the user that the link or attachment sent is legitimate. The user is trapped and allows the ransomware to take over the charge of its system/ File system. Well, again it depends upon the type of ransomware as well. Some ransomware encrypts the file systems and demands for ransom in exchange to revert back the access to the user. While some ransomware are made to infect the servers and network devices connected. So it varies upon the type of ransomware.
“The attackers mostly target the giant organizations to recuperate good ransom from them. Ransomware offerings range from basic USD10 offerings to targeted offerings on Android (USD 250) and even customized offerings for $1400. The more customization that’s required, the higher the price. The most expensive ransomware offering observed by Carbon Black was USD 3,000, but the entire kit was completely customized and used for targeted campaigns.”
How to tackle with Ransomware attacks?
Well, There are certain ways to tackle with these attacks. It don’t give the assurance that you are always going to be safe but it surely does avoid the situations being the worst.
1. Always keep a backup of your data
It is always recommended to have the back up of your all data or critical data at least. Keep the back up and copies of it updated.
2. Define the control access
It is mandatory to restrict the access to the sensitive or critical data. Access control mechanism needs to be in place for the organizations. Who will have access to what and at what extent, this needs to be addressed properly to avoid the setbacks later on.
3. Install the updates and patches on time
Always keep your systems updated. Install the security patches released by the authorized vendors on time. Security patches will avoid the further exploitation of the dangerous vulnerabilities and will keep the data and systems safe as well.
4. Say no to Ransom
If you’re asked to pay ransom, say a clear NO! If you have the data back up in place, there’s no need to pay the ransom and if you don’t still it is not recommended not to pay the ransoms. The reason is clear. Your ransom will encourage the attackers to create and spread more ransoms in the coming time. Its an easy and effortless income for them. Paying ransom is never gonna help you!
5. Trainings and awareness programs
Organizations need to start educating the employees about security and its importance. Training programs should be on place for that. The employee should understand the phising mails, best practices and to achieve that trainings and simulation programs will help without any doubt.
6. Security centered environment
Organizations need to focus more on the security posture. There should be readiness to tackle any incident which occurs in real time, monitoring programs, incident response, operations center will them to achieve it. The adoption of new technologies will also make these tasks bit easier and efficient.