Ransomware: What Is It? How to Avoid Its Damage
You got an email from a new sender this morning, and it has an attachment. You want to check the attached file, which you think has some important information. When you click on it, your system probably hangs. Later, when you check, all your documents and pictures have been changed to some random values with XXXX in them. Now you cannot see your pictures, and your documents do not open in their respective programs. This happened due to a ransomware attack.
What is ransomware?
Ransomware is malicious software that encrypts your document files and shows you a message telling you to contact the hacker and pay ransom money, usually in the digital currency bitcoin. The most dangerous thing about ransomware is that it is impossible to recover files without paying the ransom.
The new version of ransomware that hit the world a few days ago is the WannaCry ransomware. According to a report, the ransomware hit about 230,000 systems worldwide. The UK's health organization, the NHS, is one of the major victims. It mostly hit Windows versions that were not up to date.
WannaCry damage to systems around the world.
How does it attack?
Emails with ransomware attachments have been circulating on the internet for many years. You may have received many of them in your spam folder. They cannot harm you unless you execute them. There is a big misconception that ransomware is spreading, that there is nothing to stop it, and that it will break the whole internet. It is rather easy to avoid when you are cautious about email attachments and keep your antivirus and operating system up to date.
With great power comes great responsibility. If you are an admin or a manager who has access to all of the company's files, a single mistake like this can bring your company down. Ransomware attacks are mostly automated, and they can only trigger if someone executes them. But after execution they can spread across an insecure network like a worm. Also, they cannot do damage to routers, switches, Linux and Mac systems.
How did the NHS get affected by WannaCry?
A report says that it attacked outdated computers. Also, four in five hospitals were unaffected. The affected hospital had also received some security software updates from its provider, which were not applied.
We have tested a version of ransomware, and it was very threatening to documents on the system. There is no way you can recover the documents; it is only possible with a secret key from the hacker, which can decrypt the files. Mostly, hackers have left their signature and contact information. It mostly hits documents and multimedia files. Ransomware doesn't affect system files. There is a version which can lock down your PC as well, but I guess it's rare.
What is the most dangerous thing about it?
The most dangerous point of WannaCry was that it behaved like a worm and spread through an SMB/CIFS protocol vulnerability in the Microsoft operating system. It could have done more damage, but it is said that there was an unregistered domain mentioned in the kill switch of WannaCry. A malware tech guy identified that domain and registered it, and the kill switch was activated. This helped stop the spread of WannaCry, and it helped in identifying the affected systems.
How does it spread?
It mostly spreads through emails and through websites that have infected download links. Mostly the files are packed in zip format, and when you click on them they hang your system. During this hang, the ransomware starts accessing all your documents, photos and multimedia files and starts encrypting them. Encrypting a large number of files is a highly CPU-intensive task; it makes your system freeze, and it stops responding to mouse and keyboard input.
Ransomware goes to all the targeted files that you have access to. Suppose your system is connected to your phone, an external hard disk and a network drive: all the document files that your PC has access to at that time will get encrypted and become unusable. Antivirus can detect most ransomware, but there is always a new version which can reach your system undetected if you are not following proper security measures.
Backups are the most important thing that can save you. I know it is not in our nature to take backups unless we get hit by a disaster, but it is always best to have a backup plan, so that you can recover to a week earlier rather than starting a new company from scratch.
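A pre-backup check, added here as an example and not taken from any tool mentioned in this post: it walks a folder and flags documents and pictures that no longer start with their format's header and look random, so a weekly backup job can refuse to overwrite the last good copy with encrypted files. The function names, the extension list and both thresholds are assumptions chosen for illustration.

```python
import math
import os
from collections import Counter

# Leading bytes of common document and picture formats (assumed watch list).
MAGIC = {
    ".pdf": [b"%PDF"],
    ".png": [b"\x89PNG\r\n\x1a\n"],
    ".jpg": [b"\xff\xd8\xff"],
    ".gif": [b"GIF87a", b"GIF89a"],
    ".docx": [b"PK\x03\x04"],
}

def known_type(name):
    """First known extension in a name, so 'a.jpg.XXXX' still counts as .jpg."""
    for part in name.lower().split(".")[1:]:
        if "." + part in MAGIC:
            return "." + part
    return None

def entropy(data):
    """Shannon entropy in bits per byte; encrypted data is close to 8."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def looks_encrypted(path, sample=4096, min_entropy=7.0):
    """True if a known file type lost its header and its content looks random."""
    ext = known_type(os.path.basename(path))
    if ext is None:
        return False
    with open(path, "rb") as fh:
        head = fh.read(sample)
    intact = any(head.startswith(m) for m in MAGIC[ext])
    return not intact and entropy(head) > min_entropy

def scan(root, max_ratio=0.2):
    """Return (suspect paths, safe_to_back_up) for the known file types under root."""
    checked, suspects = 0, []
    for folder, _dirs, files in os.walk(root):
        for name in files:
            if known_type(name):
                checked += 1
                path = os.path.join(folder, name)
                if looks_encrypted(path):
                    suspects.append(path)
    ratio = len(suspects) / checked if checked else 0.0
    return sorted(suspects), ratio < max_ratio
```

Run scan() on the folder to be backed up and skip the backup when the second value is False; a file renamed to an extension that contains no known type is not checked.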
Conclusion
Ransomware is a new breed of malware which causes damage mostly through email attachments. But website download links and software cracks also contain ransomware, and it can spread via USB and insecure networks with insecure shares. If you keep your computer and operating system updated, you can avoid it. Avoid opening email attachments from unknown senders. Always avoid sharing your files with everyone on the network. Avoid using USB drives unless you are sure they are clean.