The word ransomware is a type of malware that comes from the word ‘ransom’ and ‘software’, meaning it’s a malware that asks for a ransom.
If your computer gets infected, all the data gets encrypted by the malicious malware, which makes it a ‘hostage’. Therefore, you won’t be able to not only use your data but also the entire system and the computer.
The attacker usually asks for money in return for data recovery. Ransomware is very well known to have caused tremendous damages across the world.
Types of Ransomware and Route
1. Encryption Ransomware
Encryption ransomware disables the ability for users to access and use the data.
This ransomware can happen via using ‘PsExec’, a remote control. In order to use PsExec, the attacker needs the user’s authentication information.
Therefore, it is quite possible that the attacker has extorted the information by spear-phishing or using malicious malware for network intrusion already.
In March 2019, a Norwegian aluminum manufacturer ‘Norsk Hydro’ has suffered from Locker Goga’s attack, which caused a halt in the factory operation.
They then had to passivate all of their operations in order to separate overseas factories with operations network. Due to this incident, the overall price of aluminum across the world had increased by little.
In addition, even England and Wales’ police organization association was attacked by encryption ransomware that encrypted all the data which caused a serious work paralysis for some time.
As ransomware is approaching various industries and public institutions causing financial losses and work paralysis one after another attack across the world.
2. Lock Screen Ransomware
Lock screen ransomware locks your screen to stop you from using the device. Usually, this type of ransomware is caused by malicious emails and mostly due to attachments and malicious links.
Recently, ‘Malvertising’ attack has been increasing dramatically as well. Malvertising, which comes from the word ‘Malware’ and ‘Advertising’, inserts malicious malware on legal advertising websites to spread malicious malware.
Even when the user surfs on a legal advertising website, the user still carries the risks of being infected by malicious malware. This is how the RIG crimeware kit infected 27,000 people in one day via malvertising which eventually caused massive ramifications.
3. Ransomware Worm
The highlight of all ransomware is the ‘WannaCry’ incident that happened back in May 2017.
It is a ransomware cryptoworm, which targeted computers running the Microsoft Windows operating system by encrypting data and demanding ransom payments in the Bitcoin cryptocurrency.
Worm types can duplicate by themselves with or without certain files or targets. The infection route of WannCry ransomware was SMB1, which is a network protocol and back then had a weak point of allowing attackers to implement the malware remotely.
WannaCry took advantage of this and expanded across the world, which cause more than 230,000 computers in 150 countries to be infected.
Advancing Ransomware Technology
Since it isn’t 100% certain that you’ll get your access to your data back, most of the people tend not to pay for the price.
Furthermore, anti-virus software and OS functions are advancing and companies are preparing countermeasures to protect against ransomware.
However, it doesn’t mean that the attackers won’t advance their skills either. They have started to stop taking data as a hostage, but instead, infecting the computer with remote-controllable malicious malware and started using them for mining cryptocurrencies.
This type of malicious malware is referred to as ‘Mining Malware’.
In order to mine cryptocurrencies on a computer, it needs various processing powers including CPU power. Therefore if your computer gets infected by malware, it’ll be used to mine others’ (attackers, in this case) cryptocurrencies.
However, it can escape your observation thanks to unnoticeable changes it causes to the user’s computer. The attackers can obtain cryptocurrencies without consuming a lot of resources and since the bar of legal regulations is low, it is predicted that the number of attacks will keep increasing.
Mining Malware tends to be seen as less aggressive compared to ransomware or banking trojan.
However, the damages the companies suffer from can be above and beyond expectations and it is crucial to realize and protect the businesses from ransomware that specifically target enterprises.