While ransomware has technically been around since the '90s, it's only in the past three years or so that it's really taken off, mainly because of its increasing fast spread and highly destructive, as well as the availability of untraceable payment methods like Bitcoin, just as the WannaCry ransomware attack from 2017 which, once opened on one computer, spreads across a network. It is reported that Ransomware has been the #1 Cybersecurity threat in the world for a couple years now. Ransomware is a growing threat, but there are things you can do to protect yourselves.
What is Ransomware and how it works?
Ransomware is a sophisticated piece of malware that blocks the victim’s access to his/her files, and demands a ransom from the victim to restore access to the data upon payment. Encryption ransomware is by far the most common type. Once it’s taken over your system it blocks access to your data until the payment is delivered to the criminals. Users are shown instructions for how to pay a fee to get the decryption key. The costs can range from a few hundred dollars to thousands, payable to cybercriminals in Bitcoin. Usually, the ransom payments have a time limit. Going over the deadline typically means that the ransom will increase, or mean that the data will be destroyed and lost forever.
There are a number of vectors ransomware can take to access a computer. One of the most common delivery systems is malicious links or attachments, phishing attacks and lateral spread, like the WannaCry ransomware attack from 2017 which, once opened on one computer, spreads across a network. Some other, more aggressive forms of ransomware, like NotPetya, exploit security holes to infect computers without needing to open it.
There are several things the malware might do once it’s taken over the victim's computer, but by far the most common action is to encrypt some or all of the user's files. After the process, the files cannot be decrypted without a mathematical key known only by the attacker. The user is presented with a message explaining that their files are now inaccessible and will only be decrypted if the victim sends an untraceable Bitcoin payment to the attacker.
Many users first became aware of the threat after the notorious WannaCry ransomware outbreak of May, 2017, which afflicted hundreds of thousands of systems, spreading to 150 countries in a matter of a few hours. The volume and sophistication of ransomware attacks has risen steadily over the past few years, becoming one of the most pervasive and expensive online criminal threats in history. The US FBI estimated that ransomware gangsters extorted over $3 Bllion from victims by the end of 2017. As subsequent waves of attacks, the ransomware problem is estimated to get worse in 2018. The developers of ransomware function as businesses and either run the attacks themselves or sell the ransomware as a service (RaaS) like a software as a service (SaaS).
Who Are Ransomware's Targets?
Cybercriminals realized that companies and organizations were far more profitable than users. Any company or organization that depends on daily access to critical data—and can’t afford to lose access to it during the time should be most worried about ransomware. That means banks, hospitals, Congress, police departments, and airlines and airports should all be on guard. But any other corporation or government agency is also at risk. Attackers know that a successful infection can cause major business disruptions, which will increase their chances of being paid.
Individual users are also at risk of ransomware attacks against home computers. Ransomware creators and distributors target home users because they have little or no cyber security education, lack online safety awareness, and lack even baseline cyber protection.
The short answer to the question posed in the headline is 'everyone': Every individual user, every small business, midsized company, enterprise, and organization is possible a victim of ransomware. It is badly needed for all users to educate themselves on the ransomware protection, learn how to defend against ransomware.
Tips to Protect Against the Very Real Threat of Ransomware
Learning how to prevent ransomware attacks is a need-to-have set of knowledge and you can do it both at home and at work. Here are some tips.
•Practice Anti-Ransomware Strategies and Get Update
Ransomware can be blocked on PCs by any anti-virus or anti-malware engine that correctly signature-matches the malicious code. Modern antivirus utilities supplement signature-based detection with some form of behavior monitoring. Some rely exclusively on watching for malicious behavior rather than looking for known threats. But ransomware designers are tricky; they work hard to get around old-school signature-based malware detection. Most home users still rely exclusively on antivirus to protect them from all threats, which is frequently ineffective in spotting and stopping ransomware. Even if the antivirus gets an update that removes the ransomware, it can't bring back the files.
•Cautious Online Behavior
The primary method of infecting victims with ransomware involves every hacker's favorite bait—phishing attack, which involves spamming you with emails that carry a malicious attachment or instruct you to click on a URL where malware surreptitiously crawls into your machine. Another highly successful method that hacker also adopted is malvertising—which involves compromising an advertiser's network by embedding malware in ads that get delivered through web sites you know and trust. Ad blockers are one way to block malicious ads, patching known browser security holes will also hinder some malvertising. Here are some points:
<1> Never download attachments from spam emails or suspicious emails.
<2> Never click links in spam emails or suspicious emails.
<3> Use an ad-blocker to avoid the threat of potentially malicious ads.
•Backup Your Data Regularly
One of the best protections against ransomware is having a regularly updated backup. That won't stop a malware attack, but it can make the damage much less significant. This means backing up important data regularly, so that even if your computers and servers get locked, you won't be forced to pay to see your data again. Some ransomware attackers search out backup systems to encrypt and lock, too. This includes any external drives such as a USB thumb drive, as well as any network or cloud file stores that you have assigned a drive letter. So if you backup to a local storage device or server, these should be offline and not directly connected to desktop systems where the ransomware or attacker can reach them.
AOMEI, the easiest backup keeps data safer, provides a simple and reliable backup and restore solution across multiple storage types to protect everything on PC, including system, disk, individual files and partition. The PC backup software - AOMEI Backupper also enables users to backup only changed or new files with incremental and differential backup based on a full backup to save time and disk space. What's more, users can set up a schedule to backup system and files automatically, four options are available: daily, weekly, monthly and event triggers. AOMEI also released a 100% free backup and restore software especially designed to protect system & files against Ransomware like WannaCry, Wanna Decryptor, Cryptolocker, etc – AOMEI Backupper Free. With which, users can easily back up system, files, disks, partitions on desktop and laptop computers and restore all data when computers have been attacked. What is more, even if the computer has already been infected with Ransomware, they can still use it to create image files not only to prevent from more serious data loss caused by disoperation or a new mutation of Ransomware, but also "froze" the countdown of Ransomware.
Getting your files back after a ransomware attack is good, but completely preventing that attack is even better. There are a handful of simple things we can do to defense against ransomware. The only way to guarantee the safety of your business’s data, information, and files is to back them up – both on the cloud and locally. Stay safe and don’t forget the best protection is always a backup!
Found in 2009, AOMEI is an up-and-coming software company that focuses on data security. With professional and reliable support service, AOMEI products are favored by users around the world. Today, AOMEI solutions are available worldwide through a global network of service providers, distributors and resellers. AOMEI continued to grow and develop while bearing in mind their mission - Always Keep Global Data Safer, and strive to let billion of users benefit from AOMEI Products, and make AOMEI become the industry benchmark.
Learn more about AOMEI Backupper here.
Learn more about and joint the AOMEI Global Partner Program here.
Follow @AOMEI on Twitter: https://twitter.com/aomeitech
Like AOMEI on Facebook: https://www.facebook.com/aomeitechnology
Why nation-state attacks are everyone’s problem
With so much change all the time, how can executives best prepare their businesses to meet the security challenges of the coming years? CSO Australia, in conjunction with Mimecast, explored this question in an interactive Webinar that looks at how the threat landscape has evolved – and what we can expect in 2019 and beyond.
An interview with CSO's David Braue and Ian Yip, Chief Technology Officer, McAffee.
According to new research conducted by the Ponemon Institute, Australia and New Zealand have the highest levels of data breaches out of the nine countries investigated. This was linked to heavy investment in security detection and an under-investment in security and vulnerability response capabilities
In partnerhsip with Mimecast