Cyber security threats and attacks are always evolving. Viruses, worms, trojan horses, spyware, adware and scareware have all been around for a long time. One type of malware, however, has been grabbing headlines and creating headaches for users and IT professionals alike: ransomware.
Ransomware is defined as a type of malware that creates a restriction of some type on the user’s computer. In order to remove the restriction, the user must pay a ransom, typically in bitcoin. This form of crimeware is unique in that it tries to coerce the user into paying the criminal directly, effectively turning the malware itself into a way for the attacker to profit. Over the past five years, ransomware has become more and more widespread because of the initial success of cybercriminals in convincing victims to pay to recover their files.
Hackers often use trojan horses to spread ransomware. A trojan horse (or simply, “trojan”) is any program which disguises itself in order to get a user to install or execute it. Trojans often masquerade as system or software updates, macros or other software add-ons. In reality, they carry malicious payloads that can have any number of undesirable effects: giving the hacker privileges on the computer via a “backdoor”; destroying files or corrupting disks; taking control over computing resources to use some or all of them as part of a “botnet”; or even stealing personally identifiable information like name, address, credit card information or other sensitive data, either directly or by “keylogging”. In the case of ransomware, the trojan hides the malicious code and tricks the user into executing it. The ransomware is then able to infect the host computer (and possibly all mounted disks and network shares).
Notorious ransomware like WannaCry, Petya, CryptoLocker and Locky all work in similar ways. These widespread exploits all attack files on the victim’s computer and encrypt them with a private key known only to the hacker. This makes the files useless to the victim; they can no longer access the contents without the key. To obtain the key and decrypt the files, the victim must follow the criminal’s instructions to make payment and obtain the decoder.
Ransomware can be distributed through the same vehicles as other malware: software downloads from websites, attachments to emails, and even malicious ads (known as “malvertising”) delivered over online ad networks.
Even today’s sophisticated malware protection can be circumvented by ransomware. The best approach to security is multi-layered and requires vigilance from both IT professionals and their end users.
Ransomware is not going away anytime soon. It is an evolving attack scheme that cybercriminals are pouncing on to gain a quick buck. Untangle’s NG Firewall solution can stop hackers from gaining access to your devices at the gateway to the network, preventing ransomware from ever reaching your users. NG Firewall is an all-in-one security solution that provides enterprise-grade perimeter security in a way that is easy to buy, use and install. Contact us today to find out how Untangle can help keep your network secure.
Copyright © 2021 Untangle