Ransomware differs from the usual forms of malware, which typically steal data or disable computer systems: it locks and encrypts your system and demands a ransom to release your data. Should you fail to pay on time, you will either lose the opportunity to get a decryption key or see the ransom increase the longer you delay. In any case, you are stuck in a position where you are going to incur huge costs, either retrieving your data through recovery methods or, more expensive in more ways, paying the ransom. Scary stuff, indeed.
It is also worth noting that hackers are now employing new methods of spreading ransomware, such as via hijacked educational ransomware solutions or through scripting software that can be loaded through browsers. While some strains of ransomware only lock computer systems, many new strains both lock and encrypt at the same time. Everything becomes inaccessible to the user!
To be more specific, here are the top 5 ransomware threats you should be on the lookout for:
CryptoWall first appeared in early 2014 and continues to be a real threat well into 2017 and possibly beyond. It comes from a family of file-encrypting malware and is primarily distributed via exploit kits, spam campaigns, and malvertising techniques (attacks from infected advertising networks). This virus attacks important files and data such as financial data and customer data. The ransom increases after each missed ransom window.
One of the better-known variants of ransomware, Petya is characterized by a full system lock, achieved by attacking the master boot record on the infected machine's boot drive. Instead of loading the operating system, Petya loads its own loader program. Once this malicious code is loaded, it proceeds to encrypt more data, covering a significant portion of the system's hard drive. Petya's usual modus operandi is delivery and infection via spam emails. There exists an updated version of Petya known as Mischa.
Mac users beware. Remember how you were always told that Macs don’t get viruses? Not true. KeRanger is the first ever ransomware known to attack Macs. It was found spreading through the popular open-source BitTorrent application, Transmission. KeRanger encrypts everything in the account’s user folder as well as files with common document extensions found in the volumes folder.
As the name implies, Locky attacks are meant to lock you out of your data, but Locky operates differently: it changes file extensions to “.locky” to keep you from finding and accessing your data. On top of that, Locky employs RSA-2048+AES-128 encryption (sophisticated data encryption standards for the non-techy types out there) to make it more difficult for you to retrieve your valuable information. Infections occur when users download infected email attachments, which trigger its installation on the target machine.
Locky is considered by many to be one of the most dangerous ransomware strains.
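Because Locky renames files to the “.locky” extension, a sudden burst of such renames on one machine is a usable detection signal. The following is an added example, not part of the original article: the log format, host names, and the threshold of three renames within 60 seconds are all assumptions made for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample of file-rename audit events (not from a real incident).
# Assumed format: "<ISO timestamp> <host> RENAME <old path> -> <new path>"
SAMPLE_EVENTS = """\
2017-03-01T10:00:01 ws-14 RENAME /home/ann/q1.xlsx -> /home/ann/A1B2C3.locky
2017-03-01T10:00:02 ws-14 RENAME /home/ann/plan.docx -> /home/ann/D4E5F6.locky
2017-03-01T10:00:04 ws-14 RENAME /home/ann/photo.jpg -> /home/ann/0718AC.locky
2017-03-01T10:00:09 ws-22 RENAME /home/bob/draft.txt -> /home/bob/final.txt
2017-03-01T11:30:00 ws-22 RENAME /home/bob/notes.txt -> /home/bob/notes.locky
2017-03-01T10:00:10 ws-14 RENAME /home/ann/tax.pdf -> /home/ann/9C9D9E.LOCKY
garbage line that does not parse
""".splitlines()

def parse_event(line):
    """Return (timestamp, host, new_path), or None for unparseable lines."""
    parts = line.split(" ", 3)
    if len(parts) != 4 or parts[2] != "RENAME" or " -> " not in parts[3]:
        return None
    try:
        ts = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%S")
    except ValueError:
        return None
    return ts, parts[1], parts[3].rsplit(" -> ", 1)[1]

def locky_rename_bursts(lines, threshold=3, window=timedelta(seconds=60)):
    """Map host -> peak count of '.locky' renames inside one sliding window,
    keeping only hosts whose peak reaches the threshold."""
    per_host = {}
    for line in lines:
        event = parse_event(line)
        if event and event[2].lower().endswith(".locky"):
            per_host.setdefault(event[1], []).append(event[0])
    peaks = {}
    for host, times in per_host.items():
        times.sort()  # events may arrive out of order
        start = 0
        for end in range(len(times)):
            while times[end] - times[start] > window:
                start += 1
            peaks[host] = max(peaks.get(host, 0), end - start + 1)
    return {h: n for h, n in peaks.items() if n >= threshold}

if __name__ == "__main__":
    for host, count in locky_rename_bursts(SAMPLE_EVENTS).items():
        print(f"{host}: {count} files renamed to .locky within 60s")
```

A single rename to “.locky” (as on the constructed host ws-22) stays below the threshold, while the burst on ws-14 is flagged.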
Finally, we get to one of the most infamous ransomware strains out in the wild. CryptoLocker is widely considered to be one of the most disastrous ransomware strains due to its combined effect of locking you out of your system and permanently destroying your data beyond recovery. It is spread through malicious email attachments from institutions or companies familiar to its target users. Failure to pay the ransom triggers the destruction of the only copy of the private decryption key, keeping you from ever recovering your precious data.
To keep the scares going, you’ll be less than pleased to know that there are currently more than 44,000 new strains of ransomware in the wild. A silver lining is that many of these strains are actually modifications of the most successful ransomware variants we’ve shared with you. This means that they can easily be detected and contained by trained IT professionals with the use of the latest tools in threat detection and management.
Ransomware will likely continue as a constant threat in the near future. Like we’ve always said, it isn’t a matter of IF you get infected, but rather a question of WHEN it will happen to you. No one is 100% safe. But, there are ways to reduce the risk when you are well educated and partner with experts in IT security.