If you are infected with ransomware, you will not be able to perform normal operations such as encrypting files stored on your PC or changing your password. It features a warning screen when you try to access your data, asking you to pay in exchange for recovering your data. Malicious threats have also been reported, such as gradual deletion of data at regular intervals if payment requests are not followed.
In addition, there is a risk that not only will the files on the infected PC be encrypted, but the data on another storage connected to the PC will also be encrypted. In addition, ransomware has caused damage by changing the target, scale, and system shape several times. Information should always be gathered as ransomware threats continue to exist.
Cases of Damage Caused by Ransomware
Reveton
Ransomware that spread around 2012. It gets into your PC as a Trojan horse and locks your system for fictitious reasons as you download pirated software or illegal porn on your infected PC. The notification is disguised as if it was sent by the police, and it is devised to display the user's IP address on the screen.
WannaCry
It is said to be the largest attack in history, and in 2017, more than 200,000 large-scale infections in 150 countries were confirmed. Damage reports from Japanese companies have also been confirmed. WannaCry spread the infection by exploiting a security flaw, a "vulnerability" that Microsoft could not address. The infection has spread not only to individuals and businesses but also to government agencies and hospitals, causing confusion in Europe, such as hospital closures due to damage.
Transmission Route
It is said that there are two main routes of ransomware infection: "website" and "email". Let's understand the characteristics of each to prevent infection.
Website
Techniques such as WannaCry that attack security vulnerabilities are also cases of using websites. When an attacker creates a website with a virus and a user browses it, it becomes infected with ransomware. Even if it is a legitimate website, an attacker invaded and unknowingly rewrote the program. Recently, it has spread in the corporate network through infected terminals, and there is a strong tendency to target companies that are not well managed and cannot frequently update security.
Other reports have shown that users can install ransomware themselves. For example, when you visit a particular site, the site will appear garbled and you will be prompted to install the font. Clicking the install button is a way to install ransomware instead of fonts.
In the case of email, a Trojan horse-like technique that infects ransomware by opening links and attachments in the text is a standard. If you misunderstand that the email has important content such as an invoice or out-of-office notification and open the document file, the device will be infected with ransomware. The content of the email may be spam or targeted email.
In the case of spam mail, it can be automatically eliminated to some extent by using the junk mail filter. On the other hand, in the case of targeted emails, the emails are sent as if they were related parties, so you need to make your own judgment. If you do not know the danger of ransomware, you may open it by mistake, so take measures such as strengthening security software and regularly checking whether your PC is up to date.
How to Protect From Ransomware Infection
There is no authoritative option to protect your data from ransomware infection but using a new generation antivirus like total security can extend your level of security to a new height.
No comments:
Post a Comment