Network-assessment

In this article, we give you a brief review of what is ransomware, the headache of all system administrators and people who work in IT support for years. Ransomware is a favorite cash cow of cyber criminals (aside from phishing), as reflected by how WannaCry, world-infamous ransomware which earned $4 billion for its authors. As we expect more news about ransomware infection from various sectors of society, it is prudent we fully understand what really is ransomware and its effects on its victims.

First of all, what kind of virus is ransomware?

Ransomware is a member of virus software called fee-based malware infection. When infected with this type of malware, user files will be locked and the user is requested to pay a certain amount for it to be decrypted. The bad thing is that when one computer gets infected, it spreads to other computers connected to the network. If you sent an email message from an infected computer, the email message will become infected and will affect the recipient if they do not take appropriate measures. In this way, virus software is self-propagating, so it not only becomes a victim but also a perpetrator without knowing it.

What happens if you get infected with ransomware?

Viruses have the property of repeating self-propagation, so when infected they spread more and more. In addition, ransomware encrypts the data and makes it impossible to read the data without a key to recover it. When you get infected with ransomware and data encryption is completed, a message such as “The data has been encrypted. Please pay x Bitcoin (BTC) if you want the files restored” is displayed. Normally, you will not notice that your computer has been infected with malware until you see this message. In addition, some ransomware doesn’t infect and encrypt data immediately, but first, they enter the computer and start working (encryption processing) after a while. It also means that all computers connected to are infected, hence becomes agents of infection against other health machines.

Originally, virus softwares were created as a digital vandalism and for fame, however these past decade, it becomes a money-making black market. Recently, in addition to indiscriminately sending in ransomware, attacks targeting specific companies and organizations, called targeted attack emails, have also begun. However, you need to be aware that the damage when you get infected is huge than you think.

How to protect data from ransomware infection?

  • The first barrier is anti-virus software

Ransomware comes mostly from infected via email. Of course, there are also infections from external storage media such as USB memory and DVD, but the ratio here is much lower. The primary barrier to malware infection prevention is to prevent emails with malicious payload. First of all, you have to solidify the entrance so that you don’t put anything suspicious inside. It is the antivirus software that plays this role. However, unfortunately, “it is safe because we have anti-virus software installed” is anti-virus protection. It is easy to understand if the virus itself is attached in executable form (in many cases the file extension is .exe) in e-mail, but there is a way to infiltrate the virus into Word, etc. It is not easy. Office software (Word, Excel, PowerPoint, etc.) has a macro function. The macro function is created as a program for automatically processing repetitive work, but since this macro program creates a virus, it is difficult to find out with a virus checker. Another email trick is a phishing email. Since phishing emails do not have a virus attached to their emails, they will slip through anti-virus software. However, if you click on the URL (address of malicious site) written in the email, the virus will be sent from the linked site.

  • The second barrier is security through user education

Even if the virus software attached to the e-mail can be eliminated by the entrance anti-virus software, it is possible to detect the virus hidden in the Word document data and recognize the e-mail with malicious URL described as the virus e-mail It is often not possible to do. So how can we prevent the infection? In this case, security education is the most effective way. Typical phishing emails are emails that talk about Amazon, Apple stores or any web-based businesses. Words such as are lined up. If you are an Amazon user, it will be a big deal if you click on the URL (if it’s just a virus infection) and if you enter personal information + credit card information, it will be troublesome if the account is closed. In order to avoid such damage, all employees need to have security awareness. Information leaks from low-security levels. If even one person is careless, you have to think that there is a virus infection from there.

If you get infected with a virus, what should you do?

Even if the device is locked down, and people’s awareness of security has increased. Even so, the chance of getting infected with the virus is not zero. The final point is to take measures on the assumption that “If you get infected”, “If it is”. The measure is “backup”. Even if you get infected with a virus and you can not use the computer (application software), you can still work on a computer that is not infected if the data is safe. When backing up data used at work, such as using the cloud that has become popular in recent years, let’s basically go to a place physically separated from the company. Not only anti-virus measures but also unexpected disasters such as natural disasters such as storms and floods or misfortunes that cause fires in the office, it is safe if there is data backup at a distant place.

Among virus software, especially ransomware is sent with the purpose of “ransom” request. And every year the trick is getting better, and as long as there is a company that pays a ransom, this kind of virus will never disappear. In addition to the economic loss of ransom, ransomware infection has many effects, such as stopping operations or becoming a perpetrator and losing trust from business partners. Measures to protect company property, including data backup, will become increasingly important in the future.

Related Resources :

Fileless Ransomware is an Emerging Threat for U.S: Report

Ransomware Prevention Tips for the Healthcare Industry

Here’s A Warning To The Police: Ransomware Is The New Criminal

Post a comment