Have you ever thought that someday someone will hack your files and data? As the most sophisticated malware program, ransomware is rapidly becoming a popular cyber attack as well as a top security threat for individuals and organizations. It installs covertly on a victim’s computer, encrypts all kinds of valuable data or blocks the infected system, and demands payment for releasing the data or system. There are ways to defend yourself and your company, and below are the 7 facts you must know about ransomware before you can do that.
1. Originated in late 1980s
Many people assume ransomware as a newly born malware program, but it is actually dated back in late 1980s. The earliest known ransomware was “AIDS” (also known as “PC Cyborg”), devised by Joseph Popp in 1989. It displayed a message claiming that user’s license to use a certain software had expired, encrypted file names on the hard drive, and then requested the user to pay US$189 to “PC Cyborg Corporation” in order to obtain a repair tool to unlock the system. It encrypted the file names using symmetric cryptography.
2. 76% of ransomware come from spam
According to a research conducted by Trend Micro, 76% of ransomware attacks come from spam or spammed links that are sent to enterprise and end users. Email is often a trusted source of information for many people but it is also a favorite ransomware distribution tool for attackers. Ransomware infection can happen with a single click on links or attachments in an email. It becomes very clear that one of the important actions companies need to do is to install stronger spam filters.
3. Ransomware-as-a-Service (RaaS) exists
The prevalence of ransomware is partly due to the rise of a trend known as “ransomware-as-a-service”. Starting from early 2015, cybercriminals set up ransomware platforms that performed all the necessary functions for the crime, reveals a McAfee Labs report. The coders rent out this network or sell ransomware to the cybercriminals who have little technical know-how, and get paid a commission whenever there is a successful ransom. The ability to buy ransomware for very cheap prices means that anyone can become a hacker.
4. Ransomware isn’t only attacking Windows
Cybercriminals are developing ransomware for a wide range of platforms and systems as they know that valuable data doesn’t just sit on Windows PCs these days. There have already been instances of Linux ransomware that targets web servers and encrypts mission critical web properties, as well as variants created for mobile devices. Storing data in the cloud won’t help because ransomware can attack cloud drives mapped to local machines.
5. Ransomware business has shifted focus from consumers to corporations
Years ago ransomware attacker’s main source of money came from consumers. At that time ransomware was still a phenomenon that randomly hit individual users on the Internet, blocking access to their computers or encrypting their data. But since the assets and data in corporations and organizations are much more valuable, cybercriminals have been gradually shifting the focus from consumers to corporations, with the aim to get as much ransom as possible.
6. Ransomware is not only an endpoint problem
In the past ransomware was an endpoint or client-side problem as the majority of attacks focused on user’s desktops and laptops. However, recent attacks show an increasing tendency of cybercriminals targeting server-side applications, including databases, shared file systems and customer management systems. From the attacker’s point of view, it makes perfect sense because a the business data on a server has a lot more value in comparison to a desktop or laptop.
7. Anti-virus isn’t enough for ransomware
Ransomware is fearsome because it has been an unbreakable program. Once infected, your choices are either pay the money or lose your data for good. When considering preventive measures against ransomware, it is important to know that relying on anti-virus alone doesn’t work out. Nowadays the advanced forms of ransomware can easily bypass any preventive system by ensuring the system won’t be able to detect the threats. You have to be proactive in order to avoid its trap. Start your anti-ransomware protection plan with comprehensive data backup today.
Do you want to know how to defend against ransomware? Check out this FREE eBook on 7 Essential Best Practices for Ransomware Protection now!