Understanding Ransomware

[et_pb_section fb_built=”1″ _builder_version=”4.5.2″ background_color=”#fafafa” width=”100%” module_alignment=”center” custom_margin=”0px|0px|-55px|0px|false|true” custom_padding=”0px||0px|0px|true|false”][et_pb_row custom_padding_last_edited=”on|phone” _builder_version=”4.5.2″ background_color=”#ffffff” background_size=”initial” background_position=”top_left” background_repeat=”repeat” width=”100%” max_width=”1600px” custom_padding=”80px|50px|80px|50px|false|false” custom_padding_tablet=”” custom_padding_phone=”|20px||20px|false|false”][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text _builder_version=”4.5.2″ header_font=”|600|||||||” header_text_align=”left” header_text_color=”#2864ad” header_font_size=”42px” header_line_height=”52px” header_2_font=”|300|||||||” header_2_text_align=”left” header_2_text_color=”#000000″ header_2_font_size=”36px” header_2_line_height=”46px” header_3_font=”|600|||||||” header_3_text_align=”left” header_3_line_height=”37px” header_4_font=”|600|||||||” header_4_text_align=”left” background_size=”initial” background_position=”top_left” background_repeat=”repeat” custom_margin=”-82px|||||” header_font_size_tablet=”35px” header_font_size_phone=”32px” header_font_size_last_edited=”on|desktop” header_line_height_tablet=”45px” header_line_height_phone=”42px” header_line_height_last_edited=”on|phone” header_2_text_align_tablet=”” header_2_text_align_phone=”” header_2_text_align_last_edited=”on|desktop” header_2_font_size_tablet=”32px” header_2_font_size_phone=”30px” header_2_font_size_last_edited=”on|desktop” header_2_line_height_tablet=”42px” header_2_line_height_phone=”40px” header_2_line_height_last_edited=”on|phone” header_3_text_align_tablet=”” header_3_text_align_phone=”” header_3_text_align_last_edited=”on|phone” header_4_text_align_tablet=”” header_4_text_align_phone=”” header_4_text_align_last_edited=”on|phone”]

 

 

 

 Understanding Ransomware

 

The Malware that Attacks Your Data, and Then Your Wallet

ransomware

There is no shortage of cyber criminals and tools they have at their disposal to take advantage of those they set their sights on. It seems more and more of them select ransomware as their weapon of choice. The best defense is an informed offense. Knowing what ransomware is and avoiding their pitfalls is critical to a business’s survival. Great news! This type of malware has distinctive characteristics that make it fairly easy to identify.

 

[/et_pb_text][et_pb_text _builder_version=”4.5.2″ header_font=”|600|||||||” header_text_align=”left” header_text_color=”#2864ad” header_font_size=”42px” header_line_height=”52px” header_2_font=”|300|||||||” header_2_text_align=”left” header_2_text_color=”#000000″ header_2_font_size=”36px” header_2_line_height=”46px” header_3_font=”|600|||||||” header_3_text_align=”left” header_3_line_height=”37px” header_4_font=”|600|||||||” header_4_text_align=”left” background_size=”initial” background_position=”top_left” background_repeat=”repeat” custom_margin=”-82px|||||” custom_padding=”0px|||||” header_font_size_tablet=”35px” header_font_size_phone=”32px” header_font_size_last_edited=”on|desktop” header_line_height_tablet=”45px” header_line_height_phone=”42px” header_line_height_last_edited=”on|phone” header_2_text_align_tablet=”” header_2_text_align_phone=”” header_2_text_align_last_edited=”on|desktop” header_2_font_size_tablet=”32px” header_2_font_size_phone=”30px” header_2_font_size_last_edited=”on|desktop” header_2_line_height_tablet=”42px” header_2_line_height_phone=”40px” header_2_line_height_last_edited=”on|phone” header_3_text_align_tablet=”” header_3_text_align_phone=”” header_3_text_align_last_edited=”on|phone” header_4_text_align_tablet=”” header_4_text_align_phone=”” header_4_text_align_last_edited=”on|phone”]

Why is ransomware popular among online bad actors?

Like many online attacks, ransomware is adeptly named, it’s malware that allows hackers to demand a ransom. Ransomware follows a straightforward and powerful method of attack: extortion. The program encrypts files on the host system and then demands the user pay to regain access to their files. Then the attacker will likely ask to be paid in some form of cryptocurrency. Usually imposing a time limit as well for their demands to be met, threatening to either delete the files or double the amount demanded if the stated deadline passes.

Since ransoms from this malware tend to run on the high side, the nefarious actor is more likely going to target a business that can actually afford it. After all this is almost always about the financial gain and it is rare that this type of criminal is going to target a single user or very small business, although the latter is not unheard of.

How do you catch the ransomware bug?

A popular tactic of malware distributors is email phishing. Phishing is sending out emails whose sole objective is to convince the user to give the malware access to their system. These emails can be made to look like they are from government organizations to peers in your industry industry, and can be very convincing. The malware is sent along as an attachment that activates once it is opened. It bypasses many of the system’s defenses by utilizing the user’s access and permissions.

This frequently used tactic for spreading malware provides two more reasons that businesses, both medium and large, are so frequently targeted. Camouflage, as you have many individuals to pick from and pretend to be, and points of access.

Chances are if you are in business you deal with a lot of emails, as many as 121 every single day. Clients, coworkers, managers, and executives are all included here and this daily volume tends to lead to autopilot behavior. for instance, someone in human resources who has been employed for some time, receives a folder containing job application materials and this nothing that would be out of the ordinary. If the email looks legitimate, and their is a properly named attachment, what would give this person a reason to worry? These assumptions (the ones that lead to short-sighted clicking) are precisely what cyber criminals rely on to infiltrate their target’s systems.

The second threat factor; high volume of points of access. As businesses grow they typically need to take on more employees to support their operations. An unfortunate side effect of this is as a company grows its potential value to a cyber criminal increases as well.

 

[/et_pb_text][et_pb_text _builder_version=”4.5.2″ header_font=”|600|||||||” header_text_align=”left” header_text_color=”#2864ad” header_font_size=”42px” header_line_height=”52px” header_2_font=”|300|||||||” header_2_text_align=”left” header_2_text_color=”#000000″ header_2_font_size=”36px” header_2_line_height=”46px” header_3_font=”|600|||||||” header_3_text_align=”left” header_3_line_height=”37px” header_4_font=”|600|||||||” header_4_text_align=”left” background_size=”initial” background_position=”top_left” background_repeat=”repeat” custom_margin=”-82px|||||” custom_padding=”0px|||||” header_font_size_tablet=”35px” header_font_size_phone=”32px” header_font_size_last_edited=”on|desktop” header_line_height_tablet=”45px” header_line_height_phone=”42px” header_line_height_last_edited=”on|phone” header_2_text_align_tablet=”” header_2_text_align_phone=”” header_2_text_align_last_edited=”on|desktop” header_2_font_size_tablet=”32px” header_2_font_size_phone=”30px” header_2_font_size_last_edited=”on|desktop” header_2_line_height_tablet=”42px” header_2_line_height_phone=”40px” header_2_line_height_last_edited=”on|phone” header_3_text_align_tablet=”” header_3_text_align_phone=”” header_3_text_align_last_edited=”on|phone” header_4_text_align_tablet=”” header_4_text_align_phone=”” header_4_text_align_last_edited=”on|phone”]

 

Types of Ransomware You Need to Know

[/et_pb_text][/et_pb_column][/et_pb_row][/et_pb_section][et_pb_section fb_built=”1″ _builder_version=”4.5.2″ _module_preset=”default”][et_pb_row column_structure=”2_5,3_5″ _builder_version=”4.5.2″ _module_preset=”default”][et_pb_column type=”2_5″ _builder_version=”4.5.2″ _module_preset=”default”][et_pb_text _builder_version=”4.5.2″ _module_preset=”default”]

cryptolocker

[/et_pb_text][et_pb_text _builder_version=”4.5.2″ _module_preset=”default”][/et_pb_text][/et_pb_column][et_pb_column type=”3_5″ _builder_version=”4.5.2″ _module_preset=”default”][et_pb_text _builder_version=”4.5.2″ _module_preset=”default”]

Cryptolocker

When activated, the malware encrypts certain files stored on local and network drives using RSA public-key cryptography, with the private key stored only on the malware’s control servers.

[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row column_structure=”2_5,3_5″ _builder_version=”4.5.2″ _module_preset=”default”][et_pb_column type=”2_5″ _builder_version=”4.5.2″ _module_preset=”default”][et_pb_text _builder_version=”4.5.2″ _module_preset=”default”]

zepto

[/et_pb_text][/et_pb_column][et_pb_column type=”3_5″ _builder_version=”4.5.2″ _module_preset=”default”][et_pb_text _builder_version=”4.5.2″ _module_preset=”default”]

Zepto

If your device gets infected by a Zepto file virus it will make all your files into encrypted copies, while also deleting the originals.

[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row column_structure=”2_5,3_5″ _builder_version=”4.5.2″ _module_preset=”default”][et_pb_column type=”2_5″ _builder_version=”4.5.2″ _module_preset=”default”][et_pb_text _builder_version=”4.5.2″ _module_preset=”default”]

cerber3

[/et_pb_text][/et_pb_column][et_pb_column type=”3_5″ _builder_version=”4.5.2″ _module_preset=”default”][et_pb_text _builder_version=”4.5.2″ _module_preset=”default”]

Cerber3

 Cerber3 encrypts files, generates random file names (10 characters), and appends the “. cerber3” extension to the name of each encrypted file.

 

[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row column_structure=”2_5,3_5″ _builder_version=”4.5.2″ _module_preset=”default”][et_pb_column type=”2_5″ _builder_version=”4.5.2″ _module_preset=”default”][et_pb_text _builder_version=”4.5.2″ _module_preset=”default”]

fairware

[/et_pb_text][/et_pb_column][et_pb_column type=”3_5″ _builder_version=”4.5.2″ _module_preset=”default”][et_pb_text _builder_version=”4.5.2″ _module_preset=”default”]

Fairware 

Specifically targets Linux servers, allegedly copies the files and deletes the web folders present on the servers.

[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row column_structure=”2_5,3_5″ _builder_version=”4.5.2″ _module_preset=”default” min_height=”244px” custom_margin=”|auto|-5px|auto||” custom_padding=”18px||0px|||”][et_pb_column type=”2_5″ _builder_version=”4.5.2″ _module_preset=”default”][et_pb_text _builder_version=”4.5.2″ _module_preset=”default”]

petya

[/et_pb_text][/et_pb_column][et_pb_column type=”3_5″ _builder_version=”4.5.2″ _module_preset=”default”][et_pb_text _builder_version=”4.5.2″ _module_preset=”default”]

Petya

The malware targets Windows–based systems, infecting the master boot record to execute a payload that encrypts a hard drive’s file system.

[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row column_structure=”2_5,3_5″ _builder_version=”4.5.2″ _module_preset=”default” min_height=”244px” custom_margin=”|auto|-5px|auto||” custom_padding=”||0px|||”][et_pb_column type=”2_5″ _builder_version=”4.5.2″ _module_preset=”default”][et_pb_text _builder_version=”4.5.2″ _module_preset=”default”]

wildfire ransomware

[/et_pb_text][/et_pb_column][et_pb_column type=”3_5″ _builder_version=”4.5.2″ _module_preset=”default”][et_pb_text _builder_version=”4.5.2″ _module_preset=”default”]

Wildfire

Wildfire spreads through well-crafted spam e-mails. Encouraging the unsuspecting victim to download a file with embedded macros. Is typically used to attack cryptocurrency accounts.

[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row custom_padding_last_edited=”on|phone” _builder_version=”4.5.2″ background_color=”#ffffff” background_size=”initial” background_position=”top_left” background_repeat=”repeat” width=”100%” max_width=”1600px” custom_padding=”80px|50px|80px|50px|false|false” custom_padding_tablet=”” custom_padding_phone=”|20px||20px|false|false” locked=”off”][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text _builder_version=”4.5.2″ header_font=”|600|||||||” header_text_align=”left” header_text_color=”#2864ad” header_font_size=”42px” header_line_height=”52px” header_2_font=”|300|||||||” header_2_text_align=”left” header_2_text_color=”#000000″ header_2_font_size=”36px” header_2_line_height=”46px” header_3_font=”|600|||||||” header_3_text_align=”left” header_3_line_height=”37px” header_4_font=”|600|||||||” header_4_text_align=”left” background_size=”initial” background_position=”top_left” background_repeat=”repeat” custom_margin=”-82px|||||” custom_padding=”0px|||||” header_font_size_tablet=”35px” header_font_size_phone=”32px” header_font_size_last_edited=”on|desktop” header_line_height_tablet=”45px” header_line_height_phone=”42px” header_line_height_last_edited=”on|phone” header_2_text_align_tablet=”” header_2_text_align_phone=”” header_2_text_align_last_edited=”on|desktop” header_2_font_size_tablet=”32px” header_2_font_size_phone=”30px” header_2_font_size_last_edited=”on|desktop” header_2_line_height_tablet=”42px” header_2_line_height_phone=”40px” header_2_line_height_last_edited=”on|phone” header_3_text_align_tablet=”” header_3_text_align_phone=”” header_3_text_align_last_edited=”on|phone” header_4_text_align_tablet=”” header_4_text_align_phone=”” header_4_text_align_last_edited=”on|phone”]

 

 

[/et_pb_text][et_pb_text _builder_version=”4.5.2″ header_font=”|600|||||||” header_text_align=”left” header_text_color=”#2864ad” header_font_size=”42px” header_line_height=”52px” header_2_font=”|300|||||||” header_2_text_align=”left” header_2_text_color=”#000000″ header_2_font_size=”36px” header_2_line_height=”46px” header_3_font=”|600|||||||” header_3_text_align=”left” header_3_line_height=”37px” header_4_font=”|600|||||||” header_4_text_align=”left” background_size=”initial” background_position=”top_left” background_repeat=”repeat” custom_margin=”-82px|||||” custom_padding=”0px|||||” header_font_size_tablet=”35px” header_font_size_phone=”32px” header_font_size_last_edited=”on|desktop” header_line_height_tablet=”45px” header_line_height_phone=”42px” header_line_height_last_edited=”on|phone” header_2_text_align_tablet=”” header_2_text_align_phone=”” header_2_text_align_last_edited=”on|desktop” header_2_font_size_tablet=”32px” header_2_font_size_phone=”30px” header_2_font_size_last_edited=”on|desktop” header_2_line_height_tablet=”42px” header_2_line_height_phone=”40px” header_2_line_height_last_edited=”on|phone” header_3_text_align_tablet=”” header_3_text_align_phone=”” header_3_text_align_last_edited=”on|phone” header_4_text_align_tablet=”” header_4_text_align_phone=”” header_4_text_align_last_edited=”on|phone”]

If you see any of these pictures, you are going to need help. At MyTek, our dedicated technicians can help show you how to altogether avoid the unfortunate situations brought on by ransomware. If you have questions about ransomware, malware of any kind, or if you simply would like tips on how to best protect your data and infrastructure from ransomware, send us an email or call us today at 623-312-2440.

[/et_pb_text][/et_pb_column][/et_pb_row][/et_pb_section]

Table of Contents

HUMANIZING IT AND CREATING IT HAPPINESS IN ARIZONA

Our goal is to reinvent the managed IT experience for growing Arizona businesses through a partnership with no long-term commitments, technology options that are flexible to meet your needs and infrastructure and strategy that position your technology as a competitive advantage.

Download Our Price Sheet