What is Ransomware?

Ransomware is a type of malware that uses encryption to hold a victim’s data ransom. It is designed to rapidly spread across a network and targets databases and file servers. It is a growing threat, inflicting significant damage and cost to businesses and governmental organizations.

Early cases of ransomware were first reported in Russia in 2005. Since then, ransomware has spread all over the world, with a significant uptick in 2011. It is estimated that in 2021 alone, ransomware attacks have cost the global economy approximately $20 billion — with an attack occurring every eleven seconds.

Ransomware most often commences when a victim downloads malware through email attachments or links from unknown, malicious sources. Nonetheless, since malware is designed to remain undetected for as long as possible, it is difficult to identify how an infection occurred.

There are two main kinds of ransomware

  • Blocker Ransomware:

Locks users out of computer functions. It might deny access to your desktop by partially disabling files the computer uses to start. Generally, you will be able to use your computer to pay the ransom, but it will be otherwise-useless. This type is simpler and less catastrophic than the second type.

  • Crypto Ransomware:

Encrypts critical data (documents, photos, and videos etc.) while leaving computer functions untouched. This type often includes a countdown in the ransom demand. If the payment deadline isn’t met, all captured files are deleted.

Who Are the Victims?

For hackers, there are four main target groups:

1. Easy Targets

Groups that are perceived as having basic security teams. Universities are a common target in this category, as they have significant capital with a large amount of file-sharing across multiple servers.

2. High Value Targets

Organizations that are willing to pay out vast sums of money to get their data back. Government agencies, banks, energy companies, and medical facilities fall into this category. These bodies require constant access to their data in order to function and may regard paying the ransom as the lesser of two evils. An example this year was the Colonial Pipeline attack which resulted in $4.4 million being paid.

3. Sensitive Data Targets

Groups that hold sensitive data. Law firms, social media platforms, and identity-related companies will fall into this category. The attackers hope that the legal controversies which could result from data being shown to be insecure will persuade the victim companies to meet demands privately and quietly.

4. Average Joes

The everyday online user. This target is more likely to be intimidated and cave in to demands, as they have less knowledge and fewer perceived options.

In each category, there are essentially only three steps you can take:

  • The first is to pay the ransom. Generally speaking, most experts advise not paying because even if you do, the attackers will likely not bother to unlock your device or data.
  • The best option is to try and remove the ransomware from your computer. 
  • If this is not possible, you will need to reset your computer to factory settings and purge everything. For this reason, it is crucial to back-up data.

The Future of Ransomware

Ransomware is unfortunately here to stay. Its targets may change, but the crime will not. As our lives become increasingly digitized, smart home devices and connected vehicles are new targets, as are domestic smart locks, smart thermostats — not to mention connected health devices such as pacemakers and implants. The Internet of Things (IoT) affords limitless opportunities to cybercriminals.

If you become a victim, keep calm. Look for help, don’t pay, and consider real-time security protection from the likes of Trend MicroNorton or Kaspersky.

As ever, if you’ve found this article an interesting and/or useful read, please do SHARE with family and friends to help keep the online community secure and protected.