The term “Ransomware” is quite familiar in cyber security circles now. But, imagine a situation 10 years back- where you’re seeing an alert message on your PC such that your machine/files are locked up and demanding a ransom for unlocking it. Might be hard to conceive, right?
Yes, ransomware can infect your PC’s any time if you aren’t prepared well. Once infected, they may either encrypt your personal files (like Cryptolocker) or block your entire PC access (like WinLocker).
Through various methods, a ransomware can reach on your PC – visiting malicious websites, opening spam emails, opening suspicious email attachments and through many other ways.
— Microsoft MMPC (@msftmmpc) May 27, 2016
Rise of Geographic Tracking Ransomware
Remember Joseph Edwards, a 17-year kid from Berkshire, who hanged himself after receiving a fake police warning to pay a fine of 100 pounds for browsing illegal websites. The case was reported on 2012. It was a ransomware, Reveton (also called Police Ransomware or Police Trojan) infected on Edward’s PC.
Reveton had a specialty. It was capable of tracking geolocation of its victim. Thus, people leaving in the US used to get the warning message from FBI whereas for French people, the messages would be labelled from Gendarmerie Nationale.
It was on 2013, the infamous file encryption ransomware program CryptoLocker, hit for the first time. According to University of Kent’s 2014 security research report, 1/30 systems affected by this ransomware, and 40% of those paid the ransom.
Experts have suggested several measures to mitigate the severity of a CryptoLocker attack. But, these attacks are only increasing in number. In the very next year, CryptoWall, a close variant of CryptoLocker, affected many PCs globally.
Keith Jarvis, Dell SecureWorks counter threat unit researcher, presented a threat analysis report on these ‘CryptoWall’s. By his report, CryptoWall affected 625,000 victims within 5 months encrypting 5.25 billion files and collecting more than $1 million in ransoms!
Future of Ransomware
Joe Marshall is a security researcher at Cisco Talos. In his opinion, in future, we’ve to expect the threat from “self-propagating” malware or cryptoworms.
In a threatpost article, he has shared his thoughts on this. He says “This new ransomware is a mix of old and new. It has adopted self-propagating properties of worms and malware of the past. And it has new tricks when it comes to traversing corporate networks laterally to find the most vulnerable targets,”
Here’s an infographic on ransomware.
Share this Image On Your Site
Please include attribution to safewithtech.com with this graphic.