Cisco: Ransomware – What it is, how to avoid it and what to do if it gets you
Ransomware has been all over the news since 2015. You’d think we would all know how to deal with it and the fad would be dying by now. Well, that’s what I would think. It turns out that ransomware generates a lot of cash for criminals, an estimated $1 billion in 2016. It also has a low cost structure (so, very profitable) and the victim directly sends the perpetrator money.
What is ransomware?
In short, ransomware is malware that prevents you from accessing data on your PC. This either by encrypting as much of your personal data on your PC as it can find or by locking your screen. Then it issues a demand for ransom to you – give the bad guys money and they will let you access your data. Most commonly, ransomware infects your PC when you click a link in an infected e-mail. For more details, let’s go to the experts. The Cisco 2016 Midyear Cybersecurity Report and a detailed study from Talos give a good analysis of ransomware and trends and directions we can expect from crimeware operators pushing ransomware. For a nice infographic summary of the problem, check here. Cyber security specialists should read it, although I suggest everyone have a look at the executive summary at the least.
A Ponemon survey of companies who were affected by malware includes cautionary facts for those who might be thinking they will just pay the ransom and go on. Most of the companies who paid, paid over $1,000 per PC to recover their data. But only 55% of the companies that paid the ransom received the decryption keys to get their data back. The cheapest ways out of a ransomware attack are: try hard to avoid the social engineering tricks (don’t let it happen) and keep backups of data you value. Please don’t pay the ransom.
How does it spread?
Speaking broadly, the most common method of spreading ransomware is by social engineering. Social engineering works by tricking you into infecting your own computer by falling for a trick the malware author tries to play on. This is usually by e-mail, but it could be a malicious ad on a web page or a malicious web page. The trick is usually some enticement to click on an attachment or a link to a document, picture or video. Microsoft Office files, PDFs and multimedia files can all be the carriers for the ransomware program. Once you click, the ransomware finds your files on the computer and encrypts them. Then it demands a ransom if you want them back.
Read the entire article here, Ransomware – What it is, how to avoid it and what to do if it gets you
Via the fine folks at Cisco Systems.
White Papers
‘All You Need to Know About Microsoft Windows Nano Server’ Veeam White Paper
Now updated for Windows Server 2016 GA release! You probably heard about Windows Nano Server already … but what is it exactly, and how do you get started with it? What value will it bring to your environment? Nano Server is a headless, 64-bit only deployment option for Windows Server 2016. Microsoft created this component specifically with […]
Share this:
‘The Citrix Administrator’s Guide to Citrix ICA/HDX’ White Paper
‘The Technical Guide to Migrating from Citrix 6.5 to 7.x and Replacing EdgeSight’ White Paper
Complete Guide to Understanding the Citrix Logon Process
‘Securing IGEL OS Endpoints’ White Paper
‘Managing Java Application Performance in a Citrix Environment’ White Paper