What is ransomware?

All you need to know about ransomware in 60 seconds

What is a ransomware attack?

Ransomware has grown to be one of the biggest problems on the web. It’s a form of malicious software — malware — which encrypts documents on a PC or even across a network. Victims can often only regain access to their encrypted files and PCs by paying a ransom to the criminals behind the ransomware.

A ransomware infection often starts with someone clicking on what looks like an innocent attachment, and it can be a headache for companies of all sizes if vital files and documents (think spreadsheets and invoices) are suddenly encrypted and inaccessible. But that’s not the only way to get infected.

Cybercriminals didn’t used to be so obvious. If hackers infiltrated your corporate network, they would do everything possible to avoid detection. It was in their best interests not to alert a victim that they’d fallen victim to a cybercriminal.

But now, if you are attacked with file-encrypting ransomware, criminals will brazenly announce they’re holding your corporate data hostage until you pay a ransom in order to get it back.

It might sound too simple, but it’s working: cybercriminals pocketed over $1bn from ransomware attacks during 2016 alone and a Europol report describes it as having « eclipsed » most other global cybercriminal threats in 2017.

What is the history of ransomware?

While ransomware exploded last year, increasing by an estimated 748 percent, it’s not a new phenomenon: the first instance of what we now know as ransomware appeared in 1989.

Known as AIDS or the PC Cyborg Trojan, the virus was sent to victims — mostly in the healthcare industry — on a floppy disc. The ransomware counted the number of times the PC was booted: once it hit 90, it encrypted the machine and the files on it and demanded the user ‘renew their license’ with ‘PC Cyborg Corporation ‘ by sending $189 or $378 to a post office box in Panama.

The AIDS demand for payment — by post.

Image: Sophos

How did ransomware evolve?

This early ransomware was a relatively simple construct, using basic cryptography which mostly just changed the names of files, making it relatively easy to overcome.

But it set off a new branch of computer crime, which slowly but surely grew in reach — and really took off in the internet age. Before they began using advanced cryptography to target corporate networks, hackers were targeting general internet users with basic ransomware.

One of the most successful variants was ‘police ransomware’, which tried to extort victims by claiming to be associated with law enforcement. It locked the screen with a ransom note warning the user they’d committed illegal online activity, which could get them sent to jail.

However, if the victim paid a fine, the ‘police’ would let the infringement slide and restore access to the computer by handing over the decryption key. Of course, this wasn’t anything to do with law enforcement — it was criminals exploiting innocent people.

Source: https://www.zdnet.com/article/ransomware-an-executive-guide-to-one-of-the-biggest-menaces-on-the-web/

Veille-cyber

Share
Published by
Veille-cyber

Recent Posts

Les 7 menaces cyber les plus fréquentes en entreprise

Introduction La cybersécurité est devenue une priorité stratégique pour toutes les entreprises, grandes ou petites.…

3 jours ago

Cybersécurité : Vers une montée en compétence des établissements de santé grâce aux exercices de crise

Cybersécurité : les établissements de santé renforcent leur défense grâce aux exercices de crise Face…

2 semaines ago

Règlement DORA : implications contractuelles pour les entités financières et les prestataires informatiques

La transformation numérique du secteur financier n'a pas que du bon : elle augmente aussi…

2 semaines ago

L’IA : opportunité ou menace ? Les DSI de la finance s’interrogent

L'IA : opportunité ou menace ? Les DSI de la finance s'interrogent Alors que l'intelligence…

2 semaines ago

Telegram menace de quitter la France : le chiffrement de bout en bout en ligne de mire

Telegram envisage de quitter la France : le chiffrement de bout en bout au cœur…

2 semaines ago

Sécurité des identités : un pilier essentiel pour la conformité au règlement DORA dans le secteur financier

Sécurité des identités : un pilier essentiel pour la conformité au règlement DORA dans le…

2 semaines ago

This website uses cookies.