Believe it or not, ransomware has been around since the 1980s — but it was only fairly recently that it made waves as a legitimate threat to modern businesses. Modern ransomware prevents users from accessing their system and/or their personal files, and accompanying the lockout is a demand for money.
There are two general types of ransomware, although there may be hybrids and new types being monitored every day.
Crypto ransomware
Crypto ransomware (also known as cryptors) is any harmful program that encrypts files stored in computers or mobile devices for the purpose of extorting money. When a cryptor attack is launched, it “scrambles” the contents of the file, rendering it unreadable. The attackers will then pressure the victim to pay exorbitant amounts of money in exchange for the decryption key needed to “unscramble” the file. What’s risky is that there is no guarantee that the attackers will even release the decryption key after payment has been made.
Cryptors are usually encountered via files or links delivered through email, instant messages, or social media. The other common delivery method is through trojan downloaders or exploit kits — these are programs or strings of code that secretly download, install, and execute malicious files from a remote server. Once the cryptor is installed and runs on a device, it starts sniffing around for targeted files to encrypt.
One particularly damaging cryptor is Petya, a ransomware family that encrypts the Master Boot Record (MBR) of a computer. The MBR is the data that identifies how and where an operating system is located within a computer so that it can be booted into the computer’s random access memory (RAM). For all other parts of the computer to run, the MBR has to run first. Making it inaccessible, needless to say, renders the entire computer and all the information it carries useless.
Petya’s most notable victim so far was Reckitt Benckiser, the company behind the Dettol, Nurofen, and Durex brands. It lost an estimated £100 million in revenue. Microsoft’s analysis of the 2017 attacks revealed that there were over 12,500 victims from over 65 countries and that Petya’s spread started from a Ukrainian company’s tax accounting software. A more recent version of Petya doesn’t just encrypt computer data, it completely wipes it clean forever.
Screen lockers
Unlike cryptors, locker ransomware (also known as lock screen ransomware) doesn’t encrypt the information stored on the device to prevent access. Instead, it just prevents the victim from accessing the device, leaving the information relatively untouched. Screen lockers are more primitive than crypto ransomware, and they primarily play on how convincingly cybercriminals deploy their attacks.
One of the most prominent screen locker attacks in history was the Metropolitan Police scam, which first came out in 2012. When this ransomware attacks a computer, an intrusive full-screen message threatening the victim pops out of nowhere. This message claims that the target has been found to have viewed and stored banned pornography and to unlock their computer, they need to pay a fine. Some versions of this ransomware even take control of the computer’s webcam to film the victim and use the footage as a tool to further the scam.
Related article: Check this list of free ransomware decryptors
Fighting ransomware with managed services
Competent managed services providers (MSPs) like outsourceIT provide comprehensive network and data protection that will protect your business from ransomware. The key to steering clear of ransomware is to avoid all of its transmission vectors; with outsourceIT’s cybersecurity solutions, you’ll be able to prevent exposure to the very agents that spread these destructive malware.
Our solutions encompass proactive network protection, expert consultation against ransomware and other threats, complete data backups, and comprehensive employee training. With our services, your data is protected, your reputation upheld, and you’ll enjoy peace of mind.
Network security is a regular concern in business, but it doesn’t need to be stressful. We’ll provide you with proactive solutions that nip network threats in the bud before they can even pose a problem. Contact us today to learn how we can protect your business.
