RANSOMware
As RANSOM payment is associated with kidnapping today, ransom payment has evolved in the cyberspace with attackers using RANSOMware for their leverage. The user is presented with a message explaining that their files are now inaccessible and will only be decrypted if the victim sends an untraceable Bitcoin payment to the attacker. In some forms of malware, the attacker might claim to be a law enforcement agency shutting down the victim's computer due to the presence of pornography or pirated software on it, and demanding the payment of a "fine," perhaps to make victims less likely to report the attack to authorities. There is also a variation, called LEAKware or DOXware, in which the attacker threatens to publicize sensitive data on the victim's hard drive unless a ransom is paid.
 
EmergenceRansomware
in Cyberspace
Ransomware is a form of malware that encrypts a victim's files. The attacker then demands a ransom from the victim to restore access to the data upon payment. Users are shown instructions for how to pay a fee to get the decryption key.
- Josh Fruhlinger

You can delete malicious files manually or automatically using the antivirus software. Manual removal of the malware is only recommended for computer-savvy users. If your computer is infected with ransomware that encrypts your data, you will need an appropriate decryption tool to regain access.
There are a number of vectors ransomware can take to access a computer. One of the most common delivery systems is phishing spam — attachments that come to the victim in an email, masquerading as a file they should trust.
There are several things the malware might do once it’s taken over the victim's computer, but by far the most common action is to encrypt some or all of the user's files.
There are a number of defensive steps you can take to prevent ransomware infection. These steps are of course good security practices in general, so following them improves your defenses from all sorts of attacks:

  • Keep your operating system patched and up-to-date to ensure you have fewer vulnerabilities to exploit
  • Don't install software or give it administrative privileges unless you know exactly what it is and what it does
  • Install antivirus software, which detects malicious programs like ransomware as they arrive, and whitelisting software, which prevents unauthorized applications from executing in the first place
  • And, of course, back up your files, frequently and automatically! That won't stop a malware attack, but it can make the damage caused by one much less significant

If your computer has been infected with ransomware, you'll need to regain control of your machine.

  • Reboot Windows to safe mode
  • Install antimalware software
  • Scan the system to find the ransomware program
  • Restore the computer to a previous state

But here's the important thing to keep in mind: while walking through these steps can remove the malware from your computer and restore it to your control, it won't decrypt your files. Their transformation into unreadability has already happened, and if the malware is at all sophisticated, it will be mathematically impossible for anyone to decrypt them without access to the key that the attacker holds. In fact, by removing the malware, you've precluded the possibility of restoring your files by paying the attackers the ransom they've asked for.

CSO, United Kingdom

Need Help
 
Contact usDrop a commentCall 08168981465

Leave a Reply

Your email address will not be published. Required fields are marked *


Math Captcha
27 − = 17