Cyber Threats in Every Day Life

Damir Akhoundov
ERAI, Inc

Cyber Threats in Every Day Life

By: Damir Akhoundov

Everyone is on the lookout for computer viruses and different malware these days. They can make your computer become slow or unresponsive, trigger spam emails to be sent from your e-mail client and can compromise sensitive information. A majority of the population believes they are aware of the dangers these malicious surprises can cause resulting in inconvenience and annoyance, but what many individuals and business owners do not realize is that there is a new emerging threat that can swiftly render your entire company's (and customer’s!) data obsolete or even put it completely out of your reach. This is defined by Google as:

ran·som·ware: a type of malicious software designed to block access to a computer system until a sum of money is paid.

There are different types of ransomware. However, all of them will prevent you from using your PC normally, and they will all ask you to do something before you can use your PC. They can target any PC user, whether it’s a home computer, endpoints in an enterprise network, or servers used by a government agency or healthcare provider.

Ransomware usually either prevents you from accessing your operating system or encrypts files so you can't use them. It will demand that you pay money (a “ransom”) to get access to your PC or files. They have also been seen to make you complete surveys. There is no guarantee that paying the fine or doing what the ransomware tells you will give access to your PC or files again. Thus, this is a very serious threat for a business.

Lockscreen Ransomware

Lockscreen ransomware shows a full-screen message that prevents you from accessing your PC or files. It requires you to pay a monetary fee (a “ransom”) to get access to your PC again.

Encryption Ransomware

Encryption ransomware changes your files so you can’t open them. It does this by encrypting the files.

Ransomware can get on your PC from nearly any source that any other malware (including viruses) can come from. This includes:
  • Visiting unsafe, suspicious, or fake websites.
  • Opening emails and email attachments from people you don’t know or that you weren’t expecting.
  • Clicking on malicious or bad links in emails, Facebook, Twitter, and other social media posts, or instant messenger chats, like Skype.
It can be very difficult or impossible to restore your PC after a ransomware attack – especially if it’s infected by encryption ransomware.

The number of enterprise victims being targeted by ransomware is increasing. Usually, the attackers specifically research and target a victim (similar to whale-phishing or spear-phishing – and these in fact may be techniques used to gain access to the network). The sensitive files are encrypted and large amounts of money are demanded to restore the files. Generally, the attacker has a list of file extensions or folder locations that the ransomware will target for encryption. Due to the encryption of the files, it can be practically impossible to reverse-engineer the encryption or “crack” the files without the original encryption key – which only the attackers will have access to.

How to protect your business from Ransomware attack
  1. Use reputable antivirus software and a firewall. Maintain a strong firewall and keep your security software up to date. Use reputable antivirus software.
  2. Back up your data on a regular basis. Back up your files to files to an external hard drive, cloud or online backup provider to lessen the threat. If you are infected and your files are properly backed up, you can turn off your computer and re-install your software and files. Be sure to establish a routine for your backups to ensure the latest data is saved.
  3. Enable popup blocker features. Popups are often used to trick you into installing software or code, so simply avoid ever clicking on an infected popup by disabling popups in your Internet browser. If a popup does appear, click on the x in the right hand corner to close the dialogue box as many times what appear to be harmless buttons within a popup might be programmed to install ransomware or other malicious code.
  4. Exercise caution when clicking on links. Don’t click on links inside emails and websites and avoid suspicious websites. If your PC does come under attack, use another computer to research details about the type of attack. Be aware that often websites that purport to help are fake sites that may even advertise fake antivirus software or de-encryption programs.
  5. Disconnect from the Internet. If you receive a ransomware note, disconnect from the Internet to avoid transmitting personal data to the criminals. If you have backed up your data, you can re-install your files and software.
  6. Alert authorities. Ransomware is a serious form of extortion. Contact your network administrator or IT director who can then contact any relevant authorities.
Don’t be tempted to give in and pay the ransom. The consensus among the network security community is that paying the ransom would be a mistake because perpetrators will usually further extort their victim and most likely not release your information. Taking precautions to protect your information and maintaining vigilance are the best solutions to avoid becoming a victim in the first place.



SEE MORE BLOG ENTRIES