The Different Types of Ransomware Cyber-Attacks
It is quite normal to freak out when your precious data is held by some bunch of Cyber-Thieves and without proper protection against Ransomware Cyber-Attack, you could fall victim to a range of different Ransomware Cyber-Attacks.
This article explores such types of Ransomware Cyber-Attack and some of its famous examples.
Before we explore types of Ransomware Cyber-Attacks and famous examples of Ransomware Cyber-Attacks, let’s start with the basics what is Ransomware Cyber-Attack?
The Ransomware Cyber-Attack is a type of malware that Cyber-Thieves use to hold people to ransom. The Cyber-Thieves targets an individual or organization with Ransomware Cyber-Attack and plants a malware to their computers through links in phishing emails or by attachments, one of the latest technology to target the organization is by infecting websites with such malware. Once a computer or network is infected with Ransomware Cyber-Attack, the malware block access to the system, or encrypts the data on that system. Cyber-Thieves demand that the victims pay a ransom in order to regain access to their computer or data.
There are two main types of Ransomware Cyber-Attack: Crypto Ransomware Cyber-Attack and another is locker Ransomware Cyber-Attack.
Crypto Ransomware Cyber-Attack encrypts valuable files on a computer so that the user cannot access them.
Cyber-Thievesthat conduct crypto Ransomware Cyber-Attackmake money by demanding that victims pay a ransom to get their files back.
Locker Ransomware Cyber-Attack does not encrypt files. Rather, it locks the victim out of their device, preventing them from using it. Once they are locked out, Cyber-Thieves carryout locker Ransomware Cyber-Attack, which results in the demand of a ransom to unlock the device.
Now you understand what Ransomware Cyber-Attack is and the two main types of Ransomware Cyber-Attack that exist. Let’s explore 10 famous Ransomware Cyber-Attack examples to help you understand how different and dangerous each type can be.
Locky is a type of Ransomware Cyber-Attack that was first released in a 2016 Cyber-Attack by an organized group of Cyber-Thieves. This malware has the ability to encrypt over 160 file types and it spreads into your system by tricking you to install it via fake emails or with infected attachments. This method of transmission is called phishing, a form of social engineering.
Locky targets a range of file types that are often used by designers, developers, engineers, and testers.
WannaCry is Ransomware Cyber-Attack that spread across 150 countries in 2017.
Designed to exploit a vulnerability in Windows, it was allegedly created by the United States National Security Agency and leaked by the Shadow Brokers group. WannaCry affected 230,000 computers globally.
The Cyber-Attack hits a third of hospital trusts in the UK, costing the NHS an estimated £92 million. Most of the authentic users were jammed out and a ransom was demanded in the form of Bitcoin currency. The Cyber-Attack highlighted the problematic use of outdated systems, leaving the vital health service vulnerable to Cyber-Attack.
The global financial impact of WannaCry was substantial -the cybercrime caused an estimated $4 billion in financial losses worldwide.
Bad Rabbit is a 2017 Ransomware Cyber-Attack that spread using a method called a ‘drive-by’ Cyber-Attack, where insecure websites are targeted and used to carry out a Cyber-Attack.
During a drive-by Ransomware Cyber-Attack, a user visits a legitimate website, not knowing that they have been compromised by Cyber-Thieves.
Drive-by Cyber-Attacks often require no action from the victim, beyond browsing to the compromised page. However, the user only gets infected, if they click on an infected link or they download random software without determining the authenticity of the website. One must always remember that the malware is a code that is disguised in such software or links. This element is known as a malware dropper.
Ryuk Ransomware Cyber-Attack, which spread in August 2018, disabled the Windows System Restore option, making it impossible to restore encrypted files without a backup.
Ryuk also encrypted network drives.
The effects were crippling, and many organizations targeted in the US paid the demanded ransoms. August 2018 reports estimated funds raised from the Cyber-Attack were over $640,000.
The Troldesh Ransomware Cyber-Attack happened in 2015 and was spread via spam emails with infected links or attachments.
Interestingly, the Troldesh Cyber-Thieves communicated with victims directly over email to demand ransoms. The Cyber-Thieves even negotiated discounts for victims who they built a rapport with a rare occurrence indeed. However, It is never a good idea to negotiate with Cyber-Thieves. Avoid paying the demanded ransom at all costs as doing so only encourages this form of Cyber-Attack.
Jigsaw is a Ransomware Cyber-Attack that started in 2016. This Cyber-Attack got its name as it featured an image of the puppet from the Saw film franchise. This malware gradually exterminates more of the victim’s files each hour that the ransom demand was left unpaid. The use of horror movie imagery in this Cyber-Attack caused victims additional distress.
CryptoLocker is a Ransomware Cyber-Attack that was first seen in 2007 and spread through infected email attachments. Once the malware is done searching for the valuable file to encrypt, then it blocks those files to raise the demand of a ransom. This type of malware has affected around 400,000 systems and law enforcement eventually managed to seize a global network of compromised home systems that were used to spread this malware. This allowed them to control part of the criminal network and grab the data as it was being sent, without the knowledge of Cyber-Thieves.
Petya is a Ransomware Cyber-Attack that first hit in 2016 and resurged in 2017 as GoldenEye. It spreads through employment departments by running a fake job application email with an infected Dropbox link. Rather than encrypting specific files, this vicious Ransomware Cyber-Attack encrypts the victim’s entire hard drive. It does this by encrypting the Master File Table (MFT) making it impossible to access files on the disk.
The resurgence of Petya, known as GoldenEye, led to a global Ransomware Cyber-Attack that happened in 2017.
GandCrab is a rather unsavory Ransomware Cyber-Attack that threatened to reveal the victim’s porn-watching habits. Claiming to have compromised user’s webcam, GandCrab cyber-thieves demanded a ransom or otherwise, they would make the embarrassing footage public.
Now you understand the different examples of Ransomware Cyber-Attack that individuals and companies have fallen prey to in recent years.
Many of those targeted in the Ransomware Cyber-Attack we have discussed became victims because they clicked on links in spam emails, or they may have opened infected attachments.
So, if you are sent a Ransomware Cyber-Attack email, how can you avoid becoming the victim of a Cyber-Attack?
The best way to spot a Ransomware Cyber-Attack email is to check the sender. Is it from a trusted contact? If you receive an email from a person or company you do not know, always exercise caution. Avoid clicking on links in emails from untrusted sources, and never open email attachments in emails from senders you do not trust. Be particularly cautious if the attachment asks you to enable macros. This is a common way Ransomware Cyber-Attack is spread.
If you become the victim of a Ransomware Cyber-Attack, do not pay the ransom. Paying the ransom that the Cyber-Thieves are demanding does not guarantee that they will return your data. These are thieves, after all. It also reinforces the Ransomware Cyber-Attack business, making future Cyber-Attacks more likely.
If your data is backed up externally or in cloud storage, you will be able to restore the data that is being held to ransom. But what if you do not have a backup of your data? We recommend contacting your internet security vendor, to see if they have a decryption tool for the Ransomware Cyber-Attack that has compromised your privacy or visit the No More Ransom site – an industry-wide initiative designed to help all victims of Ransomware Cyber-Attack.
Avoid becoming a victim of the next Ransomware Cyber-Attack.