BY Aliza Bano | June 07, 2023
Abstract- Crime is an act that is forbidden by law. Over the past two decades, the Internet has created unprecedented new opportunities for offending in many forms. A growing number of cyber threats have serious impacts on society in the form of economic disruption, psychological disorders, threats to national defence, etc. In addition to viruses, malware and ransomware are frequently encountered problems. Therefore, the current manuscript provides a basic understanding of ransomware: its types, evolution, targets, and impact on society. At the end of the paper, some points are discussed that help to protect data and systems from ransomware attacks.
Technology is the application of scientific knowledge to practical aims, making tasks easier and helping to solve the problems of mankind. The Internet is also a type of technology, based on information, that provides data on a global network using standardized communication protocols. At present, organizations in both the public and private sectors use Internet technology effectively and efficiently to fulfill their needs. The Internet has become the backbone of every organization, but at the same time cyber attacks are the biggest concern of organizations.
Viruses are not the only threat to a computer; digital devices face many different types of attack. Malware is a perennial threat that a cybercriminal can use to interfere with a computer’s normal functioning, destroy data, or make threats in order to extort money. Malware has seven types:
Ransomware is a form of malicious software that locks up the files on a computer, encrypts them, displays a notification, and demands a ransom to get the files back or decrypt the data. The demand is usually made in a virtual currency, Bitcoin, because it is difficult to trace. This type of attack has become a global phenomenon, with the primary aim of making monetary gains through illicit means. The attacks started through emails and expanded through spamming and phishing.
Attackers have developed a way to monetize files already on a victim’s computer. They achieve this by encrypting the files and then charging for access to the key. This type of malware has given rise to a new classification, crypto-ransomware, but it is more often known by the name of the prevalent version, CryptoLocker, or its variants TeslaCrypt and CryptoWall.
Although there are many strains of ransomware, they mainly fall into two divisions:
1- Crypto Ransomware
2- Locker Ransomware
|Crypto Ransomware||Locker Ransomware|
It is as simple as weaponizing strong encryption against victims to deny them access to those files.
Heavily utilizes social engineering.
This locks the device’s user interface and then demands a ransom from the victim.
Preys on users who do not utilize offline backups.
Ransomware attacks began in 1989 and became harder to crack as the types of ransomware expanded. Ransomware attacks became very common after being offered as a service, in the form of ransomware-as-a-service.
Some of the famous cases regarding ransomware:
• As of August 2016, Bournemouth University had been successfully attacked with ransomware, and had files corrupted, 21 times during the previous 12 months.
• In April 2016, a network hospital of MedStar Health in Maryland was attacked and blocked from working by the SamSam ransomware.
• In February 2016, Hollywood Presbyterian Medical was attacked by Locky ransomware, which disrupted working for two weeks until it paid 40 Bitcoin (about $17,000) to recover its files.
Figure 1 - Evolution of Ransomware
The number of people and businesses at risk is increasing every year. Anyone can be targeted by ransomware attacks, including individuals, government entities, hospitals, and the private sector.
To understand the targets of Ransomware properly, it can be studied under two divisions:
1- User wise
2- System wise
• User Wise- All types of users, in every age group, are considered targets for ransom, including non-technical people, who are put under pressure by this kind of attack. Users can be of different types:
a. The Average User
b. Business Class User
c. Emergency Service
d. Financial Institutions
• System Wise- All kinds of systems are valuable to criminals, but they target the profitable ones. Systems can be of different types:
a. Personal Computers (PC)
b. Mobile Device
Ransomware does not only target home users; businesses can also get infected, leading to negative consequences, including:
• Temporary or permanent loss of sensitive or proprietary information,
• Disruption to regular operations,
• Financial loss incurred to restore system and files, &
• Potential harm to an organization’s reputation.
Paying the ransom does not guarantee that the encrypted files will be released; it only guarantees that the malicious actors receive the victim’s money, and in some cases, their banking information. In addition, decrypting files does not mean the malware infection itself has been removed.
A global cyber attack using the ransomware called “WannaCry” affected more than 200,000 computers across more than 150 countries.
The top five cities impacted by the ransomware attack are Kolkata, followed by Delhi, Bhubaneshwar, Pune, and Mumbai, while the top five states with maximum detections of the WannaCry virus are West Bengal, Maharashtra, Gujarat, Delhi NCR, and Odisha.
The best way to protect our system is to create a regular backup of files. The malware only affects files that exist on the computer. If the machine is infected by ransomware, reset the machine using the backup and reinstall the software to restore the files from the backup.
According to Microsoft’s Malware Protection Centre, other precautions include regularly updating your anti-virus program; enabling pop-up blockers; updating all software periodically; ensuring SmartScreen (in Internet Explorer) is turned on, which helps in identifying reported phishing and malware websites; and avoiding opening attachments that appear suspicious.
As the popular saying goes, “Precaution is better than cure.” Some steps for securing our systems are given below:
Step 1: Back up
Step 2: Avoid all spam links if unknown.
Step 3: Patch and block
All the OS, browsers, and security systems should always be kept up-to-date & patched including third-party plug-ins, like Java and Flash.
Step 4: Drop and Roll.
If a machine shows signs of infection, then to minimize the infection the infected machine should be turned off immediately; if the machine is on a network, the network should also be turned off.
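One way to act on the backup advice above (the backup paragraph and Step 1), shown as an added example that is not part of the original article: before each backup run, compare the live files with the last known-good manifest and refuse to overwrite the backup when many files have vanished or turned into high-entropy data, as happens once crypto-ransomware has encrypted them. The function names and thresholds are assumptions chosen for illustration, and the sample files are constructed.

```python
import hashlib, math, os, tempfile
from collections import Counter

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; encrypted data sits close to 8.0."""
    n = len(data) or 1
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def snapshot(root: str) -> dict:
    """Map relative path -> (SHA-256, entropy of first 64 KiB) for each file."""
    out = {}
    for folder, _, names in os.walk(root):
        for name in names:
            path = os.path.join(folder, name)
            with open(path, "rb") as fh:
                data = fh.read()
            digest = hashlib.sha256(data).hexdigest()
            out[os.path.relpath(path, root)] = (digest, entropy(data[:65536]))
    return out

def safe_to_backup(manifest, current, max_ratio=0.3, high=7.5, jump=2.0):  # assumed thresholds
    """Refuse the backup run if too many known files vanished or now look encrypted.
    A jump is required because already-compressed files start near 8.0 anyway."""
    suspect = []
    for path, (digest, old_ent) in manifest.items():
        if path not in current:
            suspect.append(path)            # deleted, or renamed with a new extension
        else:
            new_digest, new_ent = current[path]
            if new_digest != digest and new_ent >= high and new_ent - old_ent >= jump:
                suspect.append(path)
    ratio = len(suspect) / max(len(manifest), 1)
    return ratio <= max_ratio, sorted(suspect)

def demo():
    """Constructed sample: three text files, two later overwritten with random bytes."""
    with tempfile.TemporaryDirectory() as root:
        for i in range(3):
            with open(os.path.join(root, f"doc{i}.txt"), "w") as fh:
                fh.write(f"Quarterly report, section {i}\n" * 200)
        manifest = snapshot(root)           # last known-good state
        clean_ok, _ = safe_to_backup(manifest, snapshot(root))
        for i in range(2):                  # random bytes stand in for encrypted content
            with open(os.path.join(root, f"doc{i}.txt"), "wb") as fh:
                fh.write(os.urandom(8192))
        infected_ok, suspect = safe_to_backup(manifest, snapshot(root))
    return clean_ok, infected_ok, suspect

if __name__ == "__main__":
    print(demo())
```

Keeping the manifest and the backup itself offline or on write-protected media matters here, since the check is only as trustworthy as the last known-good state it compares against.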
The growth of Internet technology paves the way for every individual and organization to access information at the touch of a fingertip. The nature of the Internet makes it vulnerable to threats. With the expansion of the Internet, cybercrime has also advanced. Security has been a substantial concern since the advent of the Internet. Hence, it becomes obligatory to adopt precautionary cyber-security mechanisms to avoid further ransomware attacks.
Note - The figures and images used in this blog are only for educational purposes.