A ransomware is malicious software that kidnaps data. The hacker exploits a loophole to encrypt the data of his victim, then asks him to pay a sum of money in exchange for the key that will allow to decipher them. 

The best known ransomware is Reveton, CryptoLocker and WannaCry . 

Ransomware is usually spread through phishing or click hijacking attacks. Once the virus is installed, the victim can no longer access or use their computer data. Many ransomware attacks require the payment of a ransom in a cryptocurrency like Bitcoin. 

The question everyone is asking, How can such software keep your data or systems hostage ? 

In this article, we will find out together how ransomware works, what are its types and HOW to protect yourself from it.

How does it work ?

Unlike other cyber attacks, ransomware actually blocks the victim’s data rather than stealing or destroying it. Recently, encryption ransomware has been the most publicized type of ransomware. Most ransomware enters a network via email attachments, social networks or malicious sites. 

Let’s break down the typical encryption ransomware workflow into five steps : 

• A user downloads a malicious file from a web page or email .

•  The downloaded file contains the ransomware, which begins to infect the user’s system . 

• Some types of ransomware will spread to other systems in the network , if the network contains vulnerabilities .

• Ransomware will prevent access in one way or another. Many versions of encryption ransomware will encrypt user files on the network with AES-265, a single-use Key. 

• The ransomware creates a unique key for each file that has been encrypted. Once the ransom is paid , data will be back to its user with these keys.

After knowing how it works, let’s dive into details and know what its types are :

Ransomware Locker

This type of malware blocks basic computer functions. For instance , you’ll be denied access to the desktop, while the mouse and keyboard are partially disabled. This enables you to still interact with the window containing the ransom demand so as to form the payment.

 Aside from that, the pc is inoperable. 

But here’s the bright side : Locker malware doesn’t usually target critical files; it generally just wants to lock you out. Complete destruction of your data is therefore unlikely.

Crypto Ransomware

Crypto ransomware. The aim of crypto ransomware is to encrypt your important data, like documents, pictures and videos, but to not interfere with basic computer functions. 

This spreads panic because users can see their files but cannot access them. 

Crypto developers often add a countdown to their ransom demand: “If you do not pay the ransom by the deadline, all of your files are going to be deleted.” and since of the quantity of users who are unaware of the need for backups within the cloud or on external physical storage devices, crypto ransomware can have a devastating impact. Consequently, many victims pay the ransom simply to urge their files back.

Scareware

As part of these attacks, a malware infects one or more systems, then poses a legitimate alert, claiming to detect another form of virus or malfunction. It then prompts the user to make a payment to a fake service or company to solve the problem. It is called Scareware because it scares users into believing that there is a real problem. They then make the payment without knowing that it is a ransomware scam. All employees and staff should be trained to detect scareware and react if they suspect an attack

Doxware

Hackers threaten to disseminate confidential or sensitive information online or to communicate it to various third parties. Doxware attacks can be very effective, as we mentioned, as companies often believe that the financial damage caused by leaking information would exceed the amount of ransom. Some information is so sensitive that it can threaten the very existence of a business, making doxware attacks extremely dangerous. 

Therefore , it is crucial for companies to adopt appropriate data protection measures from the outset.

So far, We’ve discovered how ransomware works and its types . Well, a small part of its type but every problem has a SOLUTION, right ?

How to protect against ransomware ?

Specialists encourage users to regularly make Back-Ups of their data, to counteract any risk of removal. In case of cyber extortion, DO NOT PAY ransom but completely erase the hard drive and restore the data from the back-up. 

---