Ransomware is malicious software that encrypts the victim's data and blocks access to it. A ransom has to be paid to decrypt the data. Unlike other attacks, the victims are notified that an exploit has occurred and are told how to recover the kidnapped data. This is done by cryptoviral extortion, in which files are encrypted. The victims are given a specific date by which to pay the ransom. If they fail to pay by that date, the attackers threaten to destroy the private key that unlocks the device, or to destroy all the encrypted data.
The attackers mainly target home users, because they have no cyber security education, no data backups, fail to keep their software updated, lack online safety awareness and do not use proper antivirus tools. They also target businesses and public institutions, where they can demand a huge ransom and can encrypt large databases, which can be sold at a higher price. Some of these ransomware families are WannaCry, Judicial, Cerber, Locky, TorrentLocker, CryptoLocker, CryptoWall, CTB-Locker, etc.
ZCryptor: ZCryptor is a self-propagating malware strain that exhibits worm-like behavior, encrypting files and also infecting external drives and flash drives so it can be distributed to other computers.
TorrentLocker: This spreads through spam emails and attacks the target on delivery of the email or message. It uses the AES algorithm to encrypt the data. It also collects email addresses from the victim's address book to spread the malware further across the network.
Jigsaw: Jigsaw deletes files progressively until the ransom is paid. The ransomware deletes a single file after an hour, then deletes more files one by one after a few hours.
TeslaCrypt: It uses the AES algorithm, like the other ransomware families, to encrypt files. It is typically distributed via the Angler exploit kit, specifically attacking Adobe vulnerabilities. Once a vulnerability is exploited, it installs itself in the Microsoft temp folder.
To stay clear of these cyber attacks and ransomware, keep up-to-date backups of your files and store them on external hard disks or other storage devices. Use good cybersecurity software, and look for features that both shield vulnerable programs from threats (anti-exploit technology) and block ransomware from holding files hostage. Finally, educate yourself on how to detect phishing campaigns, suspicious websites and other scams, because most ransomware reaches a system through social engineering. Do not download .exe files from mail: they may look like video or image files, but they are malware. Disable the remote sharing option.
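
The advice above about executables that look like video or image files can be checked automatically on incoming mail. The following Python code is an added example, not part of the original article; the extension lists, function names and the sample message are assumptions constructed for illustration.

```python
from email import message_from_string

# Assumed policy lists for illustration; extend them to match local policy.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd"}
MEDIA_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".mp4", ".avi"}

def classify_attachment(filename: str) -> str:
    """Return 'allow', 'block-executable' or 'block-disguised'."""
    # Normalise: Windows ignores trailing dots and spaces in file names.
    name = filename.strip().rstrip(". ").lower()
    parts = name.split(".")
    if len(parts) < 2 or "." + parts[-1] not in EXECUTABLE_EXTS:
        return "allow"
    # An image/video extension before the real one means the file is
    # dressed up as media (for example name.mp4.exe).
    earlier = {"." + p.strip() for p in parts[1:-1]}
    return "block-disguised" if earlier & MEDIA_EXTS else "block-executable"

def scan_message(raw: str) -> list:
    """Classify every named attachment in a raw RFC 5322 message."""
    msg = message_from_string(raw)
    return [(part.get_filename(), classify_attachment(part.get_filename()))
            for part in msg.walk() if part.get_filename()]

# Constructed sample message (not a real email).
SAMPLE_EMAIL = """\
From: sender@example.com
To: user@example.com
Subject: Holiday photos
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="BOUND"

--BOUND
Content-Type: text/plain

See attached.
--BOUND
Content-Type: image/jpeg
Content-Disposition: attachment; filename="beach.jpg"

AAAA
--BOUND
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="party.mp4.exe"

AAAA
--BOUND--
"""

if __name__ == "__main__":
    for fname, verdict in scan_message(SAMPLE_EMAIL):
        print(f"{verdict:18} {fname}")
```
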
The impacts of ransomware are temporary or permanent loss of sensitive or proprietary information, financial losses to restore the files, harm to the organization's reputation and disruption of regular operations. Even if the attackers release the files, there is no guarantee that the malware infection has been removed. The impact can be very high: a global cyber attack in May 2017 affected more than 200,000 computers across more than 150 countries. The ransomware, called WannaCry, exploits a vulnerability in the Windows operating system. The attacks hit government companies and encrypted users' computers, demanding payment in exchange for the locked files. As a result of this recent attack, ATMs were not functional, and many corporations were urged to back up their files and upgrade their systems. However, the high alert and tight security limited the loss and impact from the WannaCry ransomware.
The attack was brought under control by an “accidental hero”, a security researcher who wants to be identified only as MalwareTech, who discovered a hard-coded security switch in the form of a link to a nonsensical domain name. He bought the domain name for $10.69, and this triggered thousands of pings from affected devices, thus killing the ransomware and its spread. If this had not been discovered, millions of computers worldwide could theoretically have been locked within a few days, affecting all kinds of services globally. Within hours of this attack, many surgeries were reported to have been put off, x-rays cancelled, and ambulances called back, and that was just in the UK, where at least 40 hospitals under the NHS were affected. It had long been feared that an attack of this nature could bring public utilities or transport systems to a halt, forcing the government to pay a huge ransom to normalise services; that day appeared to have arrived.