Malware Ransom: What Does It Mean?
September 3, 2020 | By Comodo
This term describes the ransom you pay to free your computer and data from cybercriminals’ custody.
“Malware ransom”, as some people prefer to call it, is the ransomware you probably know about. If you’ve never heard of either term, this article explains ransomware in more detail.
What is Ransomware?
Ransomware is a type of malware that throws you out of your computer—denying you access to your sensitive data. The attacker then displays an on-screen notification on your computer—asking you to pay a ransom before your computer and data are freed. This malware infects your computer through phishing emails, harmful software, unsafe websites, web push, etc. The attacker embeds malicious code in the attachments sent to you, and once you open the link or install any software, the malware finds its way to your computer to carry out its assignment.
Most ransomware victims do not detect the malware on their system until the notification pops up. The ransomware assailants encrypt your data, which means you need a decryption key to regain access. On payment of the ransom, the attacker sends a decryption key with instructions to regain access to your system.
Over the years, ransomware has become a major cause of concern for businesses and individuals. The attackers have continued to devise various means of carrying out their attacks, developing code that is difficult to crack.
When Did Ransomware Attacks Begin?
Ransomware attacks began a couple of decades ago. The attacks did not gain prominence until the mid-2000s, when they focused more on the healthcare industry. Since then, more healthcare facilities have been hit by ransomware attacks, costing them a huge amount of money to recover their systems from the fraudsters.
In 2019, one of the biggest ransomware attacks gravely affected the Baltimore City government. This attack was said to have crippled the city’s government for more than a month. While the attacker demanded $76,000, the recovery’s overall cost was estimated at over $18 million. According to reports, the attack affected vaccine production, hospitals, airports, and ATMs.
After a year, the Atlanta City government experienced a similar ransomware attack that had them spend over $17 million to retrieve their systems.
Types of Ransomware
All ransomware attacks have the same purpose: encrypting your data to prevent you from accessing it. But the attacks differ in their modes and periods of operation, hence the different types of ransomware. Here is a quick look at the different types of ransomware.
This has been around for over two decades, making it one of the oldest methods of malware attacks. CryptoLocker ransomware became known in 2013 after it was discovered that the original CryptoLocker botnet tactic was deployed in ransomware. This form of attack uses encryption algorithms, which makes it difficult to break. The majority of victims affected by CryptoLocker have to pay the ransom before regaining access to their files.
WannaCry has infected thousands of businesses around the world. This form of ransomware is common in many countries. WannaCry is also known as WCry and WanaCrypt0r.
This is another common ransomware, but it has mainly infected businesses across Eastern Europe and Russia. It usually spreads via a fake Adobe Flash update, mostly on compromised websites.
Cerber ransomware mainly targets cloud-based Office 365 users. In recent years, attackers have ripped off millions of Office 365 users via phishing scams.
Crysis is the malicious code behind email phishing attacks. On opening a link with Crysis, the malware encrypts your files on fixed folders, removable drives, and network drives. Like CryptoLocker, this form of malware is also difficult to decrypt, and most victims have to pay the ransom to be free.
Other types of ransomware include:
- ZCryptor, etc.
How to Prevent Ransomware Attacks
It’s common knowledge that traditional security systems like antiviruses and firewalls can help combat malware. While this is true to an extent, it doesn’t work all the time, especially for sophisticated malware like ransomware. So, what to do? There is still a solution: advanced endpoint protection has been proven to be quite effective in combating file-based, fileless, script-based, and other sophisticated malware that usually beats traditional security systems.
Advanced endpoint protection uses machine learning, security analytics, real-time threat intelligence, IoT security, and endpoint detection to spot and block complex threats.
With the alarming rate of ransomware attacks, it’s only wise to take the best proactive measures to prevent any form of malware attack.