COVID-19: The Driver Behind Ransomware Attacks in 2020


Ransomware is a form of malware stealthily implanted on a victim’s device by an attacker with the intent of obtaining some valuable asset from the victim. Typically, the ransomware encrypts the user’s files or locks the user out of the device and displays a message showing how to contact the attacker or pay a ransom. Depending on the complexity of the algorithm with which the ransomware was designed, it can go as far as attacking network devices connected to the infected device.

Key Takeaways

  • Ransomware attacks involve malware that encrypts files or locks users out of devices to extort money.
  • These attacks have advanced significantly since 1989, targeting high-value entities like hospitals and government networks.
  • The COVID-19 pandemic created vulnerabilities, allowing cybercriminals to exploit remote workers and underprepared institutions.
  • New ransomware, such as Vicious Panda and CryCryptor, emerged during the pandemic, targeting users through seemingly legitimate applications.
  • To prevent ransomware attacks, users should avoid untrusted emails, employ security software, and protect personal data.

The Growth of Ransomware Sophistication

Since the first ransomware attack in 1989, these malicious programs have grown in sophistication, attacking and extorting high-value targets, including government networks, airports, hospitals, and so on. Advances in cryptography, which goes hand in hand with encryption, have paved the way for this financially motivated cybercrime to thrive.

Cybercriminals can now develop sophisticated encryption technologies and receive payment via cryptocurrency, thereby making financial tracking a bit more complicated. According to Europol in 2018, ransomware rose over the last decade to become the most significant malware threat in the world.

COVID-19: An Opportunity for Ransomware Attacks

2020 will go down in history as a peculiar year, undoubtedly because of the outbreak of the novel COVID-19 virus, which changed the way we live. The pandemic affected lives, properties, and even the economies of nations. People had to start working and studying from home to limit the spread of the disease. Aside from the relative convenience this offered, it also gave cybercriminals an opening to strike.

Hospitals and remote workers were the worst hit by this wave of attacks. Hospitals, focused on the more critical task of managing the health crisis, paid little attention to their IT infrastructure, which led to infiltration. Remote workers, on the other hand, had to use networks that are not as secure as the ones in the workplace, which gave rise to an increase in ransomware attacks. Another factor behind the surge in ransomware attacks during this period was the panic and chaos caused by the virus itself.

Ransomware Programs That Emerged During the COVID-19 Pandemic

The panic, which was mostly fueled by reports of COVID-19’s infection rate and ultimately by the lockdown, led users to lower their guard. Every application or website that purported to dispense information concerning the virus became attractive to everyone. Unfortunately, some of these platforms carry harmful content that users do not know of until they get infected.

One of the newest ransomware campaigns in this category, “Vicious Panda”, targeted the public sector in Mongolia. The malware exploited a vulnerability in Microsoft Office Word and, once on a system, grants the attacker remote access with which to carry out attacks.

A mobile app presented as the official COVID-19 tracing application provided by Health Canada carried new ransomware called CryCryptor. This ransomware encrypts the user’s files and leaves a file through which the victim can reach out to the attacker to negotiate a release.

Fortunately, a decryption tool was soon developed for those who fell victim to the attack. Above all, ransomware programs behave in the same way, and there are multiple ways to detect COVID-19-related ransomware attacks. The targets of these attacks and the manner in which they are orchestrated already speak volumes.

Essential Ways to Stay Safe from Ransomware Attacks

Due to these vulnerabilities, both corporations and individuals must take specific measures to stay safe from a ransomware attack. Discussed below are some of these measures:

  • Avoid Untrusted Emails and Websites: Emails and phishing websites have always been the primary source of attack over the years. Through social engineering and unsolicited emails, attackers can plant malicious programs that download and execute when an email or webpage is opened. To curb this, it is recommended that users ignore emails that have an unfamiliar subject line or that have gone to spam.
  • Employ the Use of Security Software: For corporations and individuals, it is always a good rule of thumb to have security software such as anti-malware software, a firewall, and an encryption mechanism to scan for and remove any malware, prevent unauthorized network access, and encrypt files so that they are useless to anyone who intercepts the data as it travels through the network.
  • Avoid Giving Out Personal Data: The malicious use of a person’s data has gone beyond the usual theft from a financial account. These days, details as small as the cache and cookies that we allow on the websites we visit make it possible for our Internet activity to be monitored. A person’s Internet activity can reveal much more about the person, and ultimately it can be used to attack the person or to gain access to an external network.
