Ransomware Attacks

300dpiLogo

As discussed on previous post, the advancement in IT exceeds our imagination and brought up plenty of opportunities to take. However, all legitimate users are being threatened by frequent data breaches.

In this post, I will be discussing about one of the emerging threats of cyber attacks, Ransomware. What are Ransomware attacks? What are their main features? What kind of harms can they perform?

Ransomware is a type of malicious software program designed to exploit vulnerabilities to gain access to a computer or any other network connected devices. Once Ransomware has gained access, it blocks all your privileges until you make a given amount of money.

An example of a computer system after it has been infected by Ransomware is shown on the figure below. Once a computer or any other Internet connected device such as mobile phone is infected, you will see a message as you switched on telling you that all of your files like documents, photos, videos, database have been encrypted and no longer accessible. When a file is encrypted, it cannot be read or viewed or listened. In short, the file will no longer be usable unless it has been decrypted back.

And the malicious software program continues to advise what actions you should be taking in order to regain access. You are given fixed time to do so. If no action is taken within a given time period, there is strong warning message. The message states that your files will be encrypted forever as displayed in the figure. As a victim, you are expected to pay the amount stated in a method called Bitcoin.

Fig. Ransomware Attack

ransomwareattkexpic

Bitcoin is a type of digital currency in which encryption techniques are used to regulate the generation of units of currency and verify the transfer of funds, operating independently of a central bank. The attacker uses the Bitcoin system because it facilitates the payments to be sent directly to him or her from a victim without the knowledge of a bank or payment gateway. They are sold and bought independently to make payments as required.   

As researches indicate the common means of Ransomware attacks appear to be phishing emails that contain malicious attachments and website pop-up advertisements. It also uses a remote code execution to exploit vulnerability in computer system’s legitimate software like Microsoft. In 2017, Ransomware attacks hit hundreds of countries and organisations globally and caused major damages. The UK National Health Services (NHS) was among those victim organisations worldwide. Operations being canceled, ambulances being diverted and documents such as patient records made unavailable in hospitals and GPs surgeries of England and Scotland as the result of the attack.

As mentioned above, the main causes of Ransomeware attacks are malicious email attachments and website pop-up advertisements as well as remote code execution to exploit vulnerability in computer system’s legitimate software like Microsoft. I will provide my recommendations in line with each of the problem as follow.

Firstly, my simple straight forward advice is, ‘DON’T OPEN!’ email attachments unless a sender is on your email contact lists. At this time and age of technology, it is very easier for someone with malicious intent to find your email address in order to bombard you with emails packed with delicious-looking foods on traps. Most of us put delicious food on a trap to attract and catch, and eventually kill a trouble making rat in our home. If a rat knows a reason behind a delicious food, it wouldn’t be attracted and risked its life. But we are human beings and have conscious to make the safe action unlike rat. As long as we are on Internet and social media websites, our private details are already there. If someone finds a few of our personal information, it is not that difficult to gain access to the rest. Indeed, our hands are get involved in one way or the other to speed up the processes. Therefore, watch out who you are communicating and exchanging conversation with and giving out your private details.

Secondly, avoid opening website pop-up advertisement sites because this would pave the ground for online attacks such as Ransomware. It is almost impossible to filter out whether a certain website is dangerous or not unless antivirus and security software is installed on your computer systems including mobile phones. Antivirus and security software warn you in case of danger while you are opening a website. I have come across with some business people who make online transactions but their computer systems are without these crucial software. This is totally unacceptable and wrong thing irrespective of the volume and frequency of your transactions. My advice is install antivirus software with varying features before you are caught up by intruders like Ransomware.

Thirdly, there are various Operating Systems and application software like Ms Windows and Ms Offices among others. As previously pointed out, Ransomware uses remote code execution to exploit vulnerability in computer system’s legitimate software like Microsoft. Vendors are regularly updating their Operating Systems and application software to cope up with such ever increasing security challenges as well as demands from technological advancements. Therefore, it is always the best practice to check website of a vendor for updates (if any) and install accordingly.    

If you have any questions or comments, feel free to contact me. My next post will be on what is known as the Key Reinstallation Attack (KRACK). 

Here are secure links of my recommendations in order to contain Ransomware attacks. It opens in a new window so that you will be able to see further details to make the right decision.

More resources:

© 2018 Elrohi Business Channel. All Rights Reserved.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.