
Ransomware outburst: Govt. to take serious action against the worst cybercrime!

Ransomware is a type of malware from cryptovirology that publishes personal data and blocks access to our PC by putting a virtual lock on it. The lock is released only when the demanded ransom is paid to the hacker.

Sometimes the attacks are simple enough that a knowledgeable person can easily break the lock and unblock the files. More advanced malware, such as cryptoviral extortion, is a serious threat: the user has no option other than paying the ransom to decrypt the files.

Major payment methods used:

  • Wire transfer

A wire transfer is a method of electronic funds transfer from one person or entity to another. It can be made from one bank account to another or through a transfer of cash at a cash office.

  • Premium-rate text messages

Premium-rate text is a mobile phone billing mechanism that allows people to pay for goods or services by sending or receiving messages from premium-rate phone numbers known as short codes.

  • Paysafecard

Paysafecard is a prepaid online payment method based on vouchers with a 16-digit PIN code, independent of any bank account, credit card or other personal information.

  • Bitcoin

Bitcoin is a cryptocurrency invented in 2008 by an unknown person or group of people using the name Satoshi Nakamoto. It is a decentralized digital currency without a central bank or a single administrator that can be sent from user to user on the Bitcoin network.

1 Bitcoin = 29,04,849 INR

The Trojan virus is the major type of malware used in these kinds of cybercrime. The Trojan is attached to an email and sent to the target. Once the target opens the mail, a payload is generated which claims to lock the system. This virus sometimes generates a fake warning symbol, making the user believe that the system has been used for illegal activities like pornography or pirated media.

A highly dangerous malware known as the WannaCry worm was once found to travel between two PCs without any external interaction. This gives a clear picture of how far cyber attackers have advanced.

Ransomware started to spread internationally by the end of 2012. There were 181.5 million ransomware attacks in the first 6 months of 2018.

To safeguard against these attacks, the Govt. announced two software programs named CryptoGuard and CryptoWall, which accrued between 3 and 18 million US dollars by June 2015.

Locker ransomware and crypto ransomware are the two forms of ransomware that are currently the most widely used. Locker ransomware just locks basic computer functions and releases them once the transaction is done, whereas crypto ransomware encrypts sensitive documents and threatens to destroy them if the demanded amount is not paid.

The 3 main ways ransomware can infect your computer are:

  • Spear phishing

Spear phishing is a method of passing the virus from the attacker to the target by sending emails. Once the target opens the mail, the data gets encrypted and the system comes under the control of the attacker.

  • Watering hole

Watering hole is a computer attack strategy in which a hacker guesses or observes which websites an organization or individual uses and infects them with malware.

  • Scareware

Scareware is a malware tactic that manipulates users into believing they need to download or buy software that would help them in some way. Scareware usually comes as a pop-up ad that takes advantage of users to get them to install fake software.

True stories

  • In 2020 a ransomware named Ryuk spread through emails containing dangerous links and attachments. This was the most expensive ransomware case reported. They demanded more than a million USD for the release of the document. More than 1000 companies faced this attack.
  • 2018 brought about a new strain of ransomware named SamSam that infected the city of Atlanta. The city spent around 2 million USD to repair the damage.
  • TeslaCrypt evolved during mid-2015. It targeted game files initially, then gradually began to block maps and user profiles. In this scenario people were forced to pay at least 250 USD to get back the files and data.

How to stop these attacks?

One of the major steps to prevent ransomware attacks is to have a strong endpoint security solution. This security software is installed on your endpoint devices and helps to detect any abnormalities in the functioning of the device.

Always secure your email communications with URL defences and attachment sandboxing to identify and block threats.

Do not visit dangerous websites or download malicious files. This helps to prevent Trojans from entering your device.

Do regular data backup and recovery of files. Make sure that the data is backed up in multiple places, including your main storage, local disks and cloud storage. This helps in mitigating the loss of encrypted files and regaining functionality of the system.
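A way to check the backup advice above before an incident, as an added example that is not part of the original article: the script compares every file in main storage with its copies in each backup location and flags files that are missing, differ, or look encrypted. The function names, directory names and the 7.5 bits-per-byte threshold are assumptions, and the sample files are constructed.

```python
import hashlib
import math
import os
import tempfile
from collections import Counter
from pathlib import Path


def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; ciphertext is close to 8.0."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0


def audit_backups(primary: Path, backups: list, threshold: float = 7.5) -> dict:
    """Compare every file under primary with its copy in each backup location."""
    report = {}
    for src in sorted(p for p in primary.rglob("*") if p.is_file()):
        rel = src.relative_to(primary)
        data = src.read_bytes()
        digest = hashlib.sha256(data).digest()
        missing, differs = [], []
        for b in backups:
            copy = b / rel
            if not copy.is_file():
                missing.append(b.name)
            elif hashlib.sha256(copy.read_bytes()).digest() != digest:
                differs.append(b.name)
        report[rel.as_posix()] = {
            "missing_in": missing,
            "differs_in": differs,
            # High entropy plus a differing backup: primary likely encrypted later.
            "primary_high_entropy": entropy(data) > threshold,
        }
    return report


def demo() -> dict:
    """Constructed sample tree: main storage, a local disk and a cloud mirror."""
    with tempfile.TemporaryDirectory() as tmp:
        main, disk, cloud = (Path(tmp) / n for n in ("main", "local_disk", "cloud"))
        for d in (main, disk, cloud):
            d.mkdir()
            (d / "notes.txt").write_bytes(b"quarterly notes\n" * 200)
        (main / "new.txt").write_bytes(b"not backed up yet\n")
        for d in (disk, cloud):
            (d / "report.txt").write_bytes(b"report body\n" * 200)
        (main / "report.txt").write_bytes(os.urandom(4096))  # stands in for ciphertext
        return audit_backups(main, [disk, cloud])
```

Compressed formats such as ZIP or JPEG also score high on entropy, so treat the flag as a prompt to inspect a file and not as proof of encryption. Run the audit before each backup job so that an encrypted primary copy is not synced over the last good backup.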

As per the law, Section 77 A of the IT Act, subject to certain exceptions, all offenses under the IT Act for which the punishment is imprisonment for a term of 3 years.

Giving and taking ransom is a punishable offense. Safeguard yourself from these money-making threats. Stay alert!