Ransomware: A Perilous Malware

1. Ransomware: A Perilous Malware

2. Table of Contents • Web Hosting • Malicious Software • Ransomware • How Ransomware Works • Prime Targets of Ransomware • How to Alleviate Risk of Ransomware • Conclusion

3. Web Hosting • We visit numerous websites daily and each website that we visit is hosted on the web server of a web hosting company. Web hosting is the service provided by these web hosting companies, which are also called web hosts. This service includes leasing server space to website owners along with providing them the services and the technologies that are needed by a website, in order for it to be accessible over the Internet. • Terms such as “Windows Hosting Company” or “Cloud Hosting Company” or even the “best Web Hosting Company in India or abroad, refer to web hosting service providers. These web hosts provide various web hosting packages with features catering to different types of hosting requirements.

4. Malicious Software YELLOW • A malicious software is any malicious program that has been designed and then installed onto a computer system with the intention of causing damage to either the computer, the computer network, the server or the user of these. It can also be a computer program that acts covertly and causes intentional damage to the target computer’s or computer network’s data. Malicious software can be worms, viruses, Trojans, hacker utilities and other malware.  • Such a software has code that is developed by cybercriminals with the aim to cause substantial damage to the data as well as the system that it targets. Another of its aims, is to have unauthorized access to a network. Any malicious software, such as a malware, is usually delivered in the form of a file or a link via email. Once the target user clicks on it, the malware gets installed and becomes active. • There is a diverse variety of malware. Ransomware is one of those. This PPT is aimed at shedding light upon this malicious software called Ransomware.

5. Ransomware • It is a type of a malware, which has the ability to lock a computer’s screen and additionally encrypt important files (which are predetermined) with a password. When this malicious software gets installed in a computer, it displays a messages asking its victim to pay a ransom in order to regain access to his system and its data, after the payment has been made. This type of malware puts a victim’s data in jeopardy by either continuing to block access to it or by threatening to publish it, unless the victim shells out a ransom. Advanced malware encrypt the target’s files which makes those inaccessible. A ransom is demanded to decrypt those files. These files cannot be decrypted without the aid of a key that is known only to the attacker. When the ransom is received, the victim is given the decryption key. Ransomware code is not very complex as its main goal isn’t usually to remain undetected for a long duration. Its relative ease of implementation, along with the potential to extract a high amount of money, makes it an attractive malicious software that cybercriminals like to take advantage of.

6. How Ransomware Works Ransomware is usually delivered via emails that appear to be legitimate. Since these emails appear to be genuine, the target is tricked into clicking a link or downloading an attachment that contains and delivers this malware. Ransomware also gets installed via drive-by download attacks on compromised websites. Often ransomware attacks have been carried out with the aid of social media messaging. Some aggressive forms of ransomware do not need to trick users in this way, rather these exploit security holes to infect computers. Generic ransomware is not usually individually targeted. Usually attackers acquire lists of emails or compromised websites and then infect those with the ransomware. Regardless of whether the ransom is paid or not, such a cyber-attack will always lead to the extraction of important data from a compromised system.

7. Prime Targets of Ransomware • Anyone individual or organization that has important and valuable data, weak security system in place, insufficiently trained employees regarding such attacks, becomes an easy target of ransomware attack. Sectors, such as healthcare, retail, finance and utilities, which have a large volume of data in their systems also become easy targets for such attacks. Recovering such huge volume of data can be tricky, so these prefer to pay the ransom. • Let us touch upon different easy targets of cyber-attacks, in no particular order. • Educational Institutions- These become a prime target because the systems of educational institutions store the social security numbers, medical records, intellectual property, research work related data and financial data of their faculty, staff as well as students. The reason that such attacks become successful is due to the fact that such institutes have budgetary constraints, high rate of network file sharing and smaller not very well-versed IT teams.

8. Ransomware • Governmental Organizations- These are another main target of ransomware attacks because their systems have crucial data, access to which needs to be regained urgently. For the immediate recovery of such important data, these organizations are more than willing to pay the ransom amount without any delay. • Ransomware attacks target the human resource department of different companies as it is easy to trick professionals from this field into opening malicious links, emails, attachments by posing as a job applicant.

9. How to Alleviate Risk of Ransomware For the purpose of eliminating or at least reducing the threat posed by ransomware, one needs to not only secure the networks, systems and the end user, but also respond appropriately to such an attack. In this section the ways to effectively address all these three will be touched upon. In order to keep the networks and the system secure one needs to have an incident response plan, make use of anti-spam and antivirus solutions, disable macros script, use and maintain a backup system, keep all systems patched, restrict Internet access, vet and monitor third parties, participate in cybersecurity information sharing, and last but not the least apply the principles of least privilege and network segmentation. To keep the end user secure, one needs to have a reporting plan regarding any suspicious activity and make sure that the users keep their browsers closed when not in use. Along with these simple but effective measures, employees of organizations need to be trained and prepared for social engineering and phishing attacks. In the event of a ransomware attack, the system that has been infected should be immediately disconnected from the network. This will prevent the malware from propagating any further. The data that has been affected and its extent, needs to be determined. The availability of a decryptor (some online resource) needs to be ascertained. Files should be restored from those backups that are maintained regularly. Finally, such attacks need to be reported to those agencies that handle cybersecurity related issues.

10. 1-800-123 -8156 Whoa! That’s a big number, aren’t you proud?

11. Conclusion The purpose of the information regarding Ransomware that is contained here is to increase awareness regarding this type of a dangerous malware. This malware not only puts its victims in a vulnerable position where they risk losing their critical files and data, but also causes them financial loss when they have to pay a high amount of ransom. Apart from that it leads to lost productivity, the need for network modifications, increased IT costs, expenditure in the form of legal fees. Hence, it is extremely important to ensure proper security measures to avert a ransomware attack, rather than crying over spilled milk.

12. Thanks! ANY QUESTIONS? You can find me at: www.htshosting.org www.htshosting.org/best-web-hosting-company-India www.htshosting.org/best-windows-hosting www.htshosting.org/best-cloud-hosting-company support@htshosting.org