Ask any IT professional what today's biggest cyber threat is and he or she will probably say ransomware. From home PC users to hospitals, schools, banks, and even government institutions, ransomware is being deployed in all types of systems.
What is Ransomware?
Ransomware is a special type of malicious software that seeks to restrict access to data until a ransom is paid. Some of the most basic forms of ransomware work by locking the entire system while displaying a message asking the victim's to pay a ransom. Newer and more advanced ransomware, however, systemically encrypts the victim's hard drive, requiring a ransom to be paid in exchange for the encryption key.
What's even more alarming, however, is that even if the ransom is paid, there's no guarantee that the victim's files will be unlocked. The victim may pay the full ransom, believing that it will fix the problem. But after paying, the files remain encrypted and inaccessible.
How Common is Ransomware?
Just how much of a problem is ransomware? According to an article published by Security Magazine, more than 4 million ransomware infections were identified in the second quarter of 2015, compared to just 1.5 million infections in the third quarter of 2013. Ransomware was even named “one of the biggest threats in 2016” by the cyber security and anti-virus firm Trend Micro.
Ransomware in the Financial Sector
The rise of ransomware attacks in recent months prompted the US Federal Financial Institutions Examination Council (FFIEC) to issue a warning to banks and financial institutions. The FFIEC said there's been an increasing number of ransomware attacks against financial institutions, many of which seek to extort up to $5,000 each. An analysis by Easy Solutions found that ransomware attacks on banks and financial institutions often involve the use of fake screens that look the FBI or Department of Homeland Security. So the bank believes that it has been penalized for non-compliance, with the FBI or Department of Homeland Security requiring a payment in order for the restrictions to be lifted.
Notable Examples of Ransomware
While there have been hundreds of different types of ransomware deployed, some of the most notable include the following:
Mitigating the Damage of Ransomware
Cyber security analysts are still working on a solution to combat the growing problem of ransomware. However, there are certain steps that organizations can take to lower their risk of infection, or when an infection has already occurred, mitigate the damage.
During the early stages of a ransomware attack, the targeted organization should eliminate the malicious software and its respective components. The encryption process takes a while to complete, so removing the ransomware during this process can mitigate its damage.
Of course, organizations should also get into the habit of creating regular backups of their data. If the ransomware has already encrypted the entire hard drive, having a backup copy on hand can restore it to working order.
Photo credit: Cristiaan Colen
Thanks for reading and feel free to let us know your thoughts in the comments below regarding ransomware.