Ransomware is a type of malware whose purpose is to lock a target’s files, keeping them locked until the owner pays a fee to the attacker. It is primarily for financial ransom, using information as a chip or leverage.
Ransomware is considered an increasingly important threat because it is spreading quickly and affecting businesses, governments, and individuals. New data showed an increase of the frequency of the attacks, resulting in significant material losses, business implication, and negative imagery impacts.
The main aim of the report is to discuss the characteristics of ransomware, provide an overview of recent ransomware attacks, and identify measures which can be taken to improve the organisations’ resistance to ransomware.
In the present report, different kinds of ransomware are described, recent large-scale incidents are reviewed, and general and technical preventive measures and recommendations are provided.
Briefing on History of Ransomware
Ransomware has developed much since its first known incident – the so-called “AIDS Trojan” in 1989. The first attacks were crude, employing no encryption at all or only quite rudimentary forms of it. The new strands of ransomware including, Ryuk, REvil, and LockBit, uses complex methods in invading and inflicting the most damage. In recent years the hackers have turned from targeting single individuals to corporations, hospitals and government agencies and as a result the ransom rates have gone up and the consequences are much worse.
Types of Ransomware
[1] Locker Ransomware
This one locks everyone out of the device, and keeps victims from accessing their computer till they pay the ransom. It is mainly aimed at system functions critical for the life of the system, but it does not affect files.
[2] Crypto Ransomware
This variant encrypts the user’s documents, with the documents becoming almost inaccessible. Those who fall victims are forced to part with more cash to be able to get a decryption key. This is the most frequent form and the most destructive in terms of what it attacks, namely the blocks of sensitive information.
[3] Ransomware-as-a-Service (RaaS)
RaaS has availability of ransomware tools for the attackers for monetary charge or commission sharing. That it enables less technically inclined hackers to stage efficient attacks on the networks.
In the Next Article, I will share the Impact of Ransomware Attacks. Have a great day ahead!
