Ransomware is a type of malicious software that prevents the victims from accessing their documents, pictures, databases and other files by encrypting them and demanding a ransom to decrypt them back. A deadline is assigned for the ransom payment, and if the deadline passes, the ransom demand doubles or files are permanently locked. The Ransom demands are on the rise, with average demands above $1,000, up from $300 back in 2015. Ransomware is an ever-increasing threat worldwide, claiming a new victim every 10 seconds.
How it all started
One of first modern Ransomware attacks was detected over a decade ago in Russia. It moved files on the attacked PC to a password-protected ZIP folder, and deleted the originals. To recover their files, victims had to transfer $300 to an E-Gold account that can be considered an early type of BitCoin.
Types of Ransomwares
While they generally rely on similar tactics to take advantage of users and hold your data hostage, there are different families of Ransomwares. The most common ones are:
• WannaCry is the most recent (last May) and the largest Ransomware attack to date. It infected more than 100,000 computers by taking advantage of an unpatched Microsoft Windows vulnerability.
• Locky – first seen arriving as a macro in a Word document, and then spotted being spread via Adobe Flash and Windows Kernel Exploits. Locky ransomware is known for deleting shadow copies of files to make local backups useless.
• Cryptowall – Its latest version is known for encrypting also the names of the encrypted files making it harder for the victim to know what has been encrypted. It is spread in many ways such as attachments in phishing emails from financial institutions. The ransom demanded is usually $700, doubling after about a week to $1400.
• Cerber – the world’s biggest ransomware-as-a-service scheme, it isis a franchise scheme, with its developer recruiting affiliates who spread the malware for a cut of the profits. Cerber was used in an attack that potentially exposed millions of Microsoft Office 365 users to the infection.
How to protect myself
While traditional antiviruses will offer good protection from known ransomware attacks, they will not protect you from new attacks that are not identified by them. That is why it is recommended to have a strong anti-ransomware software. Learn more about ZoneAlarm Anti Ransomware.