Thanks to crypto ransomware, criminals seem to be having an open season in a world driven by internet-based communication.
According to Kaspersky Lab reports, between 2015 and 2016 the number of internet users who encountered one form or another of crypto ransomware rose from over 1.9 million in the previous year to 2.3 million (Kaspersky Lab). The hardest-hit countries included the United States, Germany, and Italy. Crypto ransomware has indeed become an epidemic that everyone should not only be wary of but also learn how to avoid.
What is Crypto Ransomware?
Crypto Ransomware is one of the recent forms of malware that attacks a computer by restricting the user’s access to files stored in the computer. The malware displays an on-screen alert advising the user to pay a given amount of money through anonymous methods such as Bitcoin, to regain access to his or her files.
There are many variants of crypto ransomware, including the commonly known CryptoDefense, CryptoWall and CryptoLocker, which are spread through emails, instant messaging applications, and drive-by downloads. As soon as your computer is infected, the crypto ransomware takes control of all your files, locks up everything with unbreakable encryption, and demands a ransom of up to $500 in cryptocurrency, threatening to destroy all your files if you do not pay.
Crypto Ransomware uses social engineering techniques to lure computer users into running the malware. For instance, you may receive an email with a password-protected zip file attachment, allegedly from a close friend or a reputable company. Once you open the file, the ransomware infection takes over, effectively restricting access to all your files.
Typical Stages of Crypto Ransomware
A crypto ransomware attack follows a typical 5-stage process, namely:
- Installation through social engineering techniques. Once the user’s computer is infected, the malware installs itself and sets its own keys in the Windows Registry so that it starts automatically and takes over every time the computer boots up.
- Contacting the author’s server. Before the ransomware attacks, it contacts a server operated by the criminals.
- Keys and handshake. The ransomware server and client – in this case your computer – identify each other in an intricately designed handshake. The server then generates a pair of cryptographic keys. One key is saved on your computer and the other is kept on the criminals’ server.
- Encryption stage, where the ransomware encrypts all the files on your computer.
- Extortion stage, where the ransomware finally hijacks your computer and displays a message demanding a given amount of money within a given time frame before the attackers destroy all your files. The ransom must be paid through untraceable electronic payments such as Bitcoin.
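The autostart entries set in the installation stage are something a defender can check for. The following Python script is an added example, not part of the original article: it parses saved `reg query` output for the Windows Run keys and lists entries whose program sits in a user-writable folder. The sample output, the folder list, the choice of the Run keys, and all function names are assumptions made for illustration.

```python
import re

# Assumption: autostart programs in user-writable folders deserve a closer look.
SUSPECT_DIRS = ("\\appdata\\", "\\temp\\", "\\users\\public\\", "%temp%", "appdata%")

# Constructed sample of `reg query` output for the Run keys (not from a real host).
SAMPLE = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    OneDrive    REG_SZ    "C:\Program Files\Microsoft OneDrive\OneDrive.exe" /background
    updater    REG_SZ    C:\Users\alice\AppData\Roaming\xkqjz\xkqjz.exe

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    SecurityHealth    REG_EXPAND_SZ    %windir%\system32\SecurityHealthSystray.exe
    helper    REG_SZ    "C:\Users\Public\helper.exe" -s
"""

VALUE_RE = re.compile(r"^\s+(?P<name>.+?)\s+(?P<type>REG_\w+)\s*(?P<data>.*)$")

def parse_reg_query(text):
    """Yield (key, value_name, command) for each value in `reg query` output."""
    key = None
    for line in text.splitlines():
        if line.startswith("HKEY_"):
            key = line.strip()
            continue
        match = VALUE_RE.match(line)
        if match and key:
            yield key, match.group("name"), match.group("data").strip()

def executable_path(command):
    """Return the program path from an autostart command line, without arguments."""
    command = command.strip()
    if command.startswith('"'):
        return command[1:].split('"', 1)[0]
    match = re.match(r"(.+?\.exe)\b", command, re.IGNORECASE)
    return match.group(1) if match else command.split(" ", 1)[0]

def suspicious_autostarts(text):
    """Return Run-key entries whose program sits in a user-writable folder."""
    hits = []
    for key, name, command in parse_reg_query(text):
        path = executable_path(command).lower()
        if any(folder in path for folder in SUSPECT_DIRS):
            hits.append((key, name, command))
    return hits

if __name__ == "__main__":
    for key, name, command in suspicious_autostarts(SAMPLE):
        print(f"REVIEW {key} -> {name}: {command}")
```

A flagged entry is a prompt for review, not a verdict: some legitimate software also installs per-user under AppData.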
How to Stay Safe from Crypto Ransomware
Crypto ransomware is spread through emails and other social engineering techniques such as instant messaging. Drive-by downloads are also known to spread many forms of malware, including ransomware. But there are ways to protect yourself, whether as a personal computer user or as a corporate entity. Here’s how:
Security Tips for Consumers
Here are a few ways consumers can protect themselves from ransomware attacks:
- Always have a reliable anti-virus or security solution on your devices. Never turn off advanced security features that can detect and prevent ransomware attacks.
- Keep all the software installed on your computer updated. Operating systems and other commonly used applications such as Java, Firefox, Chrome, and Microsoft Office have automatic update features that should be kept on at all times. Most of these updates provide advanced security features.
- Avoid downloading files from unknown sources. Scan all downloads before you open them.
- Create a cloud backup for your important files and data.
Security Tips for Businesses and Corporate Entities
- Back up all important files and data
- Have a strict write permission restriction policy for all your file servers
- Have an advanced endpoint protection that can detect malware and malicious traffic
- Block access to suspicious websites with web and email protection
- Educate staff and all system users about signs of potential security threats
- If you suspect an attack or infection, disconnect from all networks at once.
Importance of data backup
According to Panda Security, it’s important to have a backup system in place for all your files to mitigate damage caused by ransomware, hardware problems, and other potentially harmful incidents. Storing critical data on your computer or local server can result in massive losses in the unfortunate event of a ransomware attack.
Folderit provides a secure and efficient cloud document management system for both small and medium businesses. With a secure and easy to use Folderit cloud DMS, you’ll be safe from the adverse effects of a crypto ransomware attack.