Ransomware Malware | Understanding Ransomware

Ransomware is a sub-category of malware, a class of software designed to cause harm to a computer or computer network. It is an ever-evolving form of malware designed to encrypt files on a device, rendering the files and the operating systems that rely on them unusable. Malicious actors then demand a ransom in exchange for decrypting the infected device. Ransomware actors often target exfiltrated data or authentication information and threaten to sell or leak it if the ransom is not paid. Ransomware proliferates in diverse ways, including through exploitation of vulnerabilities and through social engineering tactics such as “phishing” emails that deceive employees within an organization into opening attachments. The attachment launches the malware program, which infects the computer and then the computer network. Once launched, the malware may connect to a command-and-control server to enable the criminals to move laterally across networks and encrypt and/or exfiltrate the organization’s data.

Ransomware victims are typically prompted with a screen informing them that their data has been encrypted, with instructions for how to restore their systems by sending payment via cryptocurrency. Not all attacks result in data encryption, but most do. You may have heard stories of attacks on large companies, organizations, or government agencies, or perhaps you as an individual have experienced a ransomware attack on your own device. It’s a significant problem and a scary prospect to have all of your files and data held hostage until you pay up.

Types of ransomware


There are three main types of ransomware, ranging in severity from mildly off-putting to Cuban Missile Crisis dangerous. They are as follows:

Scareware Ransomware
Scareware, as it turns out, is not that scary. It includes rogue security software and tech support scams. You might receive a pop-up message claiming that malware was discovered and the only way to get rid of it is to pay up. If you do nothing, you’ll likely continue to be bombarded with pop-ups, but your files are essentially safe.

A legitimate cybersecurity software program would not solicit customers in this way. If you don’t already have this company’s software on your computer, then they would not be monitoring you for ransomware infection. If you do have security software, you wouldn’t need to pay to have the infection removed—you’ve already paid for the software to do that very job.

Screen Lockers Ransomware
Upgrade to terror alert orange for these guys. When lock-screen ransomware gets on your computer, it means you’re frozen out of your PC entirely. Upon starting up your computer, a full-size window will appear, often accompanied by an official-looking FBI or US Department of Justice seal saying illegal activity has been detected on your computer and you must pay a fine. However, the FBI would not freeze you out of your computer or demand payment for illegal activity. If they suspected you of piracy, child pornography, or other cybercrimes, they would go through the appropriate legal channels.

Encrypting Ransomware
This is the truly nasty stuff. These are the guys who snatch up your files and encrypt them, demanding payment in order to decrypt and redeliver them. This type of ransomware is so dangerous because once cybercriminals get ahold of your files, no security software or system restore can return them to you. Unless you pay the ransom, for the most part, they’re gone. And even if you do pay up, there’s no guarantee the cybercriminals will give you those files back.
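Because encrypted files look like random bytes, a defender can watch for a single process rewriting many files with high-entropy content in a short time. The sketch below is an added example, not part of the original article; the event format, the function names and the thresholds are assumptions, and the sample events are constructed.

```python
import hashlib
import math
from collections import Counter, defaultdict

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: close to 8.0 for ciphertext, much lower for plain text."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def flag_processes(events, min_files=3, window=10.0, threshold=7.5):
    """Return pids that wrote high-entropy data to at least `min_files`
    distinct paths within `window` seconds. Compressed formats (zip, jpg) are
    also high-entropy, so a single such write is never enough to flag."""
    recent = defaultdict(list)  # pid -> [(time, path)] of high-entropy writes
    flagged = set()
    for ts, pid, path, data in sorted(events, key=lambda e: e[0]):
        if shannon_entropy(data) < threshold:
            continue
        hits = [(t, p) for t, p in recent[pid] if ts - t <= window]
        hits.append((ts, path))
        recent[pid] = hits
        if len({p for _, p in hits}) >= min_files:
            flagged.add(pid)
    return flagged

def ciphertext_like(seed: int, size: int = 4096) -> bytes:
    """Constructed stand-in for encrypted content: deterministic hash output."""
    blocks = (hashlib.sha256(f"{seed}-{i}".encode()).digest() for i in range(size // 32))
    return b"".join(blocks)

TEXT = b"Quarterly report: revenue and costs by region.\n" * 80

# Constructed write events: (seconds, pid, path, bytes written).
SAMPLE_EVENTS = [
    (0.0, 410, "docs/notes.txt", TEXT),                    # editor saving text
    (1.0, 977, "docs/budget.xlsx", ciphertext_like(1)),    # burst of rewrites
    (2.0, 977, "docs/contract.docx", ciphertext_like(2)),
    (3.5, 977, "docs/plan.txt", ciphertext_like(3)),
    (4.0, 523, "backup/archive.zip", ciphertext_like(4)),  # one archive write
]

if __name__ == "__main__":
    print(sorted(flag_processes(SAMPLE_EVENTS)))
```

On the constructed events only process 977 is flagged: the text save is low-entropy and the lone archive write never reaches the burst threshold.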



