Cisco: Ransomware – What it is, how to avoid it and what to do if it gets you
Ransomware has been all over the news since 2015. You’d think we would all know how to deal with it and the fad would be dying by now. Well, that’s what I would think. It turns out that ransomware generates a lot of cash for criminals, an estimated $1 billion in 2016. It also has a low cost structure (so, very profitable) and the victim directly sends the perpetrator money.
What is ransomware?
In short, ransomware is malware that prevents you from accessing data on your PC. This either by encrypting as much of your personal data on your PC as it can find or by locking your screen. Then it issues a demand for ransom to you – give the bad guys money and they will let you access your data. Most commonly, ransomware infects your PC when you click a link in an infected e-mail. For more details, let’s go to the experts. The Cisco 2016 Midyear Cybersecurity Report and a detailed study from Talos give a good analysis of ransomware and trends and directions we can expect from crimeware operators pushing ransomware. For a nice infographic summary of the problem, check here. Cyber security specialists should read it, although I suggest everyone have a look at the executive summary at the least.
A Ponemon survey of companies who were affected by malware includes cautionary facts for those who might be thinking they will just pay the ransom and go on. Most of the companies who paid, paid over $1,000 per PC to recover their data. But only 55% of the companies that paid the ransom received the decryption keys to get their data back. The cheapest ways out of a ransomware attack are: try hard to avoid the social engineering tricks (don’t let it happen) and keep backups of data you value. Please don’t pay the ransom.
How does it spread?
Speaking broadly, the most common method of spreading ransomware is by social engineering. Social engineering works by tricking you into infecting your own computer by falling for a trick the malware author tries to play on. This is usually by e-mail, but it could be a malicious ad on a web page or a malicious web page. The trick is usually some enticement to click on an attachment or a link to a document, picture or video. Microsoft Office files, PDFs and multimedia files can all be the carriers for the ransomware program. Once you click, the ransomware finds your files on the computer and encrypts them. Then it demands a ransom if you want them back.
Read the entire article here, Ransomware – What it is, how to avoid it and what to do if it gets you
Via the fine folks at Cisco Systems.
White Papers
Application Lifecycle Management with Stratusphere UX – White Paper
Enterprises today are faced with many challenges, and among those at the top of the list is the struggle surrounding the design, deployment, management and operations that support desktop applications. The demand for applications is increasing at an exponential rate, and organizations are being forced to consider platforms beyond physical, virtual and cloud-based environments. Users […]
Share this:
2018 Will Be The Year of Citrix Migration! eG Innovations and DABCC Survey Reveals Industry Trends for XenApp and XenDesktop 7.x Migration
IGEL Community Releases Free “How-To Install and Configure the IGEL Software Platform” Made Easy Book
IGELl’s Security Enhancements for Thin Clients – White Paper
White Paper: IT Performance Monitoring Tools – Reading Between the Lines
Does Deploying Citrix in the Cloud Make Performance Monitoring Easier? – White Paper