Ransomware is fast becoming a huge challenge to the corporate world. Ransomware is a kind of malware that limits access to the computer system that becomes infected,
whereby demanding some sort of ransom
paid to the creator(s) of the malware in
order for the threat to be removed. Some
forms of ransomware encrypt files on the
system’s hard drive (cryptoviral extortion,
a threat originally envisioned by Adam
Young and Moti Yung), while others work
to just lock the system, displaying messages intended to intimidate users into
While its complete origins may be
unclear, it is believed to have soared in
popularity in Russia. The use of ransomware scams has now become widespread
globally. CryptoLocker, a ransomware
worm that surfaced in late 2013, had procured an incredible estimated $3 million
before it was taken down by authorities.
Security software vendor McAfee
released data showing it had collected
more than 250,000 unique samples of ransomware in just the first quarter of 2013
alone. This confirmed the shocking trend
of more than double the number it had
obtained in the first quarter of the previous year.
threats are delivered via malicious email attachments or via websites.
Unfortunately, ransomware is becoming
more and more sophisticated and complicated. One of the most popular examples, CryptoLocker, starts encrypting
personal files as soon as it gains access
to the system, preventing access to the
files without knowing the encryption key.
CryptoLocker then displays a message
informing that files have been locked with
encryption providing just a few days to
pay. If paying $300, the encryption key is
provided to recover files. CryptoLocker
offers help in choosing a payment method
and, after paying, the criminals seem to
actually provide a key to restore files.
These ransomware attacks are designed
to trick users into thinking some laws have
been broken or that engagement in some
kind of illegal activity demands a penalty
for these actions. The claim is the computer will be released upon payment.
There are several possibilities for ransomware infection.
user surfs the Internet,
The next most likely threat is to receive
an email with malicious software, sometimes from a known contact.
It can also arrive disguised as some fake
invoice that demands immediate attention. A click to find out more information
caused the computer to be infected.
Care must be taken with downloads due to contaminated downloads
from chat rooms, forums and peer-to-peer networks or social networks, and
especially download portals for illegal
software, music, movies, etc. Even performing a seemingly harmless file (such
as a piece of music) can cause malicious
software to be installed on the computer. Often this is only noticed when
restarting the computer, when instead
By Dr. MICHAEL C. REDMOND, MBCP, FBCI, CEM, PMP, ISO Certified
& VIBHAV AGARWAL