A short analysis of ransomware in reference to the Ohio ransomware attack
“Ransomware is more about manipulating vulnerabilities in human psychology than the adversary’s technological sophistication”
As the world becomes more tech-savvy, so do the crimes associated with it. Ransomware was last year's top cyber security threat, as reported by Malwarebytes Labs. Ransomware is the kidnapping of data by an attacker: the attacker encrypts the data and demands a sum of money to provide the decryption key. An attacker typically gets remote access to the device. Once they can access the computer, they can control it and hold it for ransom.
Several websites reported on 2 Feb 2017 the complete shutdown of an Ohio town government. Ransomware has hit several local government offices in the US state of Ohio. The malware was found in the Licking County government office and has locked up the entire state local government network. The ransom demanded has not been disclosed on these sites. The attack has had a serious impact on Ohio, since all other networks have been blocked to reduce the threat.
The official says that the data backup has helped significantly. Other security measures that should be followed to reduce the impact are:
- Back up regularly: there are other risks besides ransomware that can threaten files and data. Backed-up data is always helpful.
- File extensions must be shown: Windows hides file extensions by default. Showing them makes it easier to spot file types that are not commonly sent, such as JavaScript.
- If a document attachment received by mail asks you to enable macros, DON'T turn on macros, as a lot of infections rely on them.
- Don't stay logged in unnecessarily, and avoid browsing or opening documents.
- Updates are a must: malicious threats that arrive by mail generally build on bugs that have been reported. Once a new update is released, update the system to patch the bugs.
- Don't open every link that arrives in your email. Also analyze the header of the mail to authenticate the sender.
There are different kinds of ransomware attacks. The common types are:
Reveton
was introduced in 2012. This ransomware displays a warning that purports to come from a law enforcement agency. The warning pops up saying that the victim is guilty of holding unlicensed software and has broken copyright law. The hacker then requires the victim to pay via an anonymous prepaid service.
CryptoLocker
was launched in 2013. It encrypts important files, which it selects by their file extensions. The hackers threaten to delete the victim's private key if he or she refuses to pay some bitcoins. Research says that the key size used in this attack is so large that it is impossible to work out the key.
CryptoWall
is used to target and harm several websites. It was attached to an advertising program. To give the scam a sense of publicity, the ads redirect victims to malicious websites. The payload is downloaded from these sites by way of a browser plug-in. The attackers created a particular payload with JavaScript and used it to download executable files that are disguised as legitimate jpg images. This makes it easy for the ransomware to avoid detection.
How to deal with ransomware… (if your system is hacked)
The most important thing to keep in mind if you ever become a victim of a ransomware attack is: “DON’T JUST PAY THE RANSOM”. Remember that you are dealing with a hacker, so there is no guarantee that your data will be handed back to you safely as it was. The hacker might increase the ransom.
Next, if you can turn off the computer, then you should turn it off as soon as possible and disconnect any network or Wi-Fi connections. There’s a chance you may be able to stop the attack before it’s complete.
Next, see if you can restore from a recent backup. Backups are important in general and very important in ransomware situations, to recover copies of the files you’ve lost.
If you don’t have a backup that you can use, then you should go to our ransomware resource webpage. Also, there are ransomware helpline numbers available on the internet. You can call them for assistance.
“In this year, we are expecting more ransomware attacks. The first line of defense is a knowledgeable workforce and understanding, identifying the curious mails and malicious ads, simulated phishing attacks. Guard your devices and files with proper understanding as one step could lead to serious damage