Beware The Many Forms of Ransomware

Ransomware has proven to be a big problem for businesses both large and small. It can attack your data in a variety of ways and completely stop your business operations.

In many cases, it can cost hundreds of thousands or millions of dollars to regain access to and use of pirated content.

According to the Chainanalysis 2021 Crypto Crime Report, the total amount paid by ransomware victims rose 311% in 2020 to nearly $ 350 million in cryptocurrency (the most popular form of payment) and the problem will continue to grow.

Overall, the best defense against ransomware attacks is a good one. Understanding the different forms of ransomware can help organizations prepare for the intrusion. Here are some tips for dealing with all types of cyber criminals.

First, for those unfamiliar with ransomware, it is a virus that silently encrypts user data on their computers. It can infiltrate your system and deny access to important information, thereby hampering or terminating all business activities.

After an intruder steals and encrypts data, a message may appear asking for a sum to be paid in order to regain access to the information. The victim only has the allotted time to pay the cybercriminal. If the deadline is exceeded, the ransom can add up.

Some types of ransomware have the ability to scan for other computers on the same network in order to infect them. Others infect their hosts with more malware, which can lead to credential theft. This is especially dangerous for sensitive information such as bank and financial account passwords.

The two main types of ransomware are called crypto ransomware and locker ransomware. Crypto ransomware encrypts various files on a computer so that they cannot be accessed by users. Locker ransomware does not encrypt files. Instead, it “locks” the victim out of their device and prevents them from using it. After being prevented from accessing it, it will ask the victim to pay money to unlock their device.

There have been many high-profile cyberattacks involving ransomware in recent years. This contains…

“WannaCry” in 2017. It spread to 150 countries including the UK. It is designed to manipulate Windows vulnerabilities. By May of this year, it had infected more than 100,000 computers.

The WannaCry attack affected many UK hospital societies and cost the NHS an estimated £ 92 million. The user is locked out and a ransom in the form of Bitcoin is demanded. The attack exposed the problematic use of legacy systems. Cyber ​​attacks caused financial losses of approximately $ 4 billion worldwide.

Ryuk is a ransomware attack that spread in mid-2018. It disables the Windows system recovery option on PC computers. Without a backup, it is impossible to restore encrypted files. It also encrypts network drives. Many of the organizations attacked were in the United States. The ransom demanded was paid, the estimated loss was $ 640,000.

KeRanger is believed to be the first ransomware attack to successfully infect a Mac computer running on the OSX platform. It is included in the installer of the open source BitTorrent client, also known as Transmission. When a user downloads an infected installer, their device becomes infected with ransomware. The virus is silent for three days and then encrypts around 300 different types of files. Next, it downloads a ransom file, requests a bitcoin, and gives instructions on how to pay the ransom. Once the ransom is paid, the victim’s files are decrypted.

As ransomware becomes more complex, the methods used to spread it become more sophisticated. Examples include:

Pay-per-installation. It targets compromised devices that can be easily infected with ransomware.

Drive-by download. This ransomware is installed when the victim unknowingly visits a compromised website.

Links in emails or social media messages. This method is the most common. Malicious links are sent in emails or online messages for victims to click on.

Cyber ​​security experts agree that if you fall victim to a ransomware attack, don’t pay a ransom. Cyber ​​criminals can keep your data encrypted even after the payment and demand more money later.

Instead, back up all data to an external drive or the cloud so that it can be easily restored. If your data is not backed up, contact your internet security department to see if they have a decryption tool for such situations.

Managed service providers can conduct risk analyzes free of charge and determine the security risks of the company.

Understand vulnerabilities for possible intrusion and prepare ahead of time to succumb.This is the best way to stop cyber thieves from wreaking havoc in your business.

George Rosenthal is the founder and partner of ThrottleNet Inc. ThrottleNet provides a suite of technology products and services to help business owners achieve their business goals and accelerate business growth. These include ude cloud computing, custom development of mobile applications and software, and outsourced managed network services that help companies increase their technology availability and IT capabilities while reducing costs. To learn how you can accelerate your IT, visit ThrottleNet online at