30 likes | 54 Views
You got an email from a new email user this morning and it has an attachment. Then You want to check the attached file which you think has some important information.
E N D
Ransom ware: What it is? How to Avoid it’s damages You got an email from a new email user this morning and it has an attachment. Then You want to check the attached file which you think has some important information. When you clicked on it and probably your system stuck. Later on when you checked all your documents and pictures are changed to some random values with XXXX in them. Now you cannot see your pictures and your documents are not opening in their respective programs. This happened due to ransom ware attack. What is Ransom ware? Malicious software which can encrypt your documents files and show you a message to contact hacker for ransom money. Usually a bitcoin digital money. Most dangerous thing about ransom ware is that it is impossible to recover files without paying the ransom. The new version of ransom ware which hit the world few days early is the Wannacry ransom ware. According to a report Ransom ware virus hit about 230,000 systems worldwide. The UK’s health organization NHS is one of the major victims. It mostly hit the windows versions which were not up-to-date. Wannacry damage to systems around the world. How it attack?
Emails with ransom ware attachments are always circulating on the internet from many years. You may have got many of them in your spam mails. It cannot harm you unless you execute them. There is a big mis-computation that ransom ware is spreading and there is nothing to stop it and it will break the whole internet. It’s rather easy to avoid them when you are cautious about the email attachments and keep your antivirus and operating system up to date. With great power comes great responsibility, if you are an Admin or a Manager who has access to all of the company files. A single mistake like this can bring your company down. Ransom wares are mostly automated attacks and they can only trigger if someone execute them. But after execution they can spread across insecure network like a worm. Also they cannot do damage to routers, switches, Linux and Mac systems. How NHS got affected of Wannacry? Report says that it attacked on outdated computers. Also four in five hospitals were unaffected. The affected hospital has got some security software updates from provider which was also not applied. We have tested a version of ransom ware and it was very threatening to documents on the system. There is no way you can recover the documents, it is only possible with a secret key from hacker, which can decrypt the files. Mostly hacker have left their signature and contact information. It mostly hit the documents and multimedia files. Ransome ware doesn’t affect system file. There is a version which can lock down your PC as well but I guess it’s rare. Most dangerous thing about it? The most dangerous point of Wannacry was that it was behaving like a worm and it was spreading through the smb/cifs protocol vulnerability in Microsoft operating system. It could have done more damage but it is said that there was an unregistered domain mentioned in the kill-switch of the Wannacry. A malware tech guy identified that domain, he registered it and that kill-switch got activated. It helped in stopping of Winery spread and it helped in identifying the affected systems.
How does it spread? It mostly spread through emails and websites which has infected download links mostly the files convert into zip format and when you click on them they will hang your system during this system hang period ransom ware starts accessing all your documents, photos and multimedia files and starts encrypting them. The encryption of large number of files is a highly CPU intensive task and it makes your system stuck and it will stop responding to mouse and keyboard inputs. Ransom ware goes to all the targeted files which you have access suppose your system is connected to your phone, external hard disk and a network drive. So all the documents files which your PC has access to at that time will get encrypted and become unsable. Antivirus can detect most of the ransom ware but there is always a new version of ransom ware, which can reach your system undetected if you are not following proper security measures. Backups are the most important thing which can save you. I know it is not in our nature to take backups unless we got hit by a disaster but it is always best to have a backup plan, so that you can recover to a week early, rather than starting over a new company. Conclusion Ransom ware are a new breed of malware which can cause damage through mostly email attachments. But websites download lniks also contain ransom ware viruses, software cracks and can spread via USB and insecure networks with insecure shares. If you keep you computer and operating system update, you can avoid it. Avoid opening email attachments from unknown users. Awlays Avoid sharing your files with everyone on the network. Avoid use of USB unless you are sure it is clean.