After the things we heard about WannaCry ransomware earlier this year, a lot of people have started asking quite some questions about this Trojan that is going about infecting people’s PC and even mobile devices.
What is a ransomware by the way?
It is a Trojan carrying virus which aims to block access to your personal files on your computer along with your cloud back up and every other device connected to your local network. It does not stop until a ransom payment is made for them to allow the virus to leave those files.
The singular aim of this Trojan is to threaten you with a message that your files can’t be accessed, and if you still need to gain access to it, you need to deposit a certain amount of dollars’ worth of Bitcoin to a blockchain account. We all know for clarification that no security agency can’t trace Bitcoin transactions; it is a safe passage for the hackers.
There are two types of ransomware
- The one that crypt your files and personal folders on your PC, then ask you to part ways with your money before the data will decrypt.
- The other type is about blocking total access to your PC with a pop-up message stating how to regain control of both applications and files on the system.
Ransomware may have evolved over the years, but nothing has brought it closer to achieving its goal than tones of data encryption service use to power blockchain technology. The level of the sophistication of that piece of work has led to hackers replicating such success in a malware encryption.
Today ransomware possesses certain vital features like:
- Ransomware layers of encryption are very thick and almost impossible to break.
- Its modus operandi is to infect as many files as possible.
- Ransomware While infecting files, it can cause a significant filter of data in different locations.
- Hosting various forms of a file extension on a particular program is one of it handiwork
- It always comes with a blowback, and that is, ‘pay the ransom and get back access to your files.’
- It is untraceable and undetectable by antivirus because it has socially engineered its structure in a way that it is no longer seen as a virus by system firewalls.
- It comes in different languages and names.
- New ransomware are created every second
- Their variation is less known than their names suggest.
As it escapades keeps on increasing, the next question people begin to ask is why do they target the different class of attack they have carried out so far?
For example, the reason they attack individuals on their laptops and PCs is that these people lack:
Proper back up both online and offline
- Possess little knowledge about how Cybersecurity works
- It is easy to sway them by a little social engineering
- The operating systems they use are vulnerable because they are usually out of date.
- Over-reliance on antivirus makes them sloppy in defending themselves against ransomware
- Believing in pure gibberish that they are too apt to fall for the whims and caprices of ransomware.
- More infected PC means more money in the bank.
The attack on businesses is quite simple to phantom.
They are the big moneybags who can cough out as much as $10000 to $40000 to settle up and allow their systems to flow.
Too many systems to monitor allows negligence to cause a significant havoc to computer files infected.
Breach of the security of products in a company can cause panic and make the company lose money.
They attack public institutions simply because;
It is simple to steal the information they can sell on the black market.
For the reason that their operating systems are always outdated.
The citizenry will feel it the most when government parastatals close shop because of they can’t access adequate data.
How do we contact this virus?
- By clicking on file attachments in our emails
- By visiting malicious websites that only aim to steal your personal information.
- The use of botnets
- Malicious redirects from legitimate websites can trigger a ransomware attack
- Frequent downloading from a non-trusted source.
However, for it to successfully infect a device, it must have;
- Been clicked as an attachment on an email
- Must have run on a malicious website in some seconds.
- Within that few seconds, the information on that computer is transferred to the server of the cybercriminal.
- It now goes ahead to the hard disk and crypts every file on it.
Why does it go undetected by antivirus?
It uses a lot of manipulation techniques to communicate with your PC command and server using encrypted network traffic.
Fast flux has been a known tool for hackers for long, a lot of it is seen featured on Ransomware
It can stay hidden in a system for as long as until the firewall and antivirus begin to weaken in their job to protect; it will now attack.
Ransomware carries enough traffic of encrypted data which can be too overwhelming for a system, and some of it contains malware.
How do we stay safe from this menace of a virus?
- Back up your data on cloud space like Dropbox and offline on your hard disk as frequently as possible
- If you operate on only one interface, try to use the guest account, just to limit certain privileges
- Allows specific plugins to be prompt on demand instead of always there to avoid them being used against you, e.g. Java
- Always update your security and privacy settings on your system and browser
- Update your extensions and add-ons
- Reduce the number of traffic Ads you receive by using ad blockers
- If you are surfing the next, never open optional attachments especially emails encouraging you to click
- Never download them either
- Try as much as you can to use an updated antivirus in real time
- Go for a cybersecurity seminar
- Use updated versions of your operating systems