How do you get infected by ransomware? How can you defend yourself? Find out what the infection vectors are and how to block them.
Check your understanding. Answer this question...
Software updates are critical to protecting your computer because they often include bug fixes that hackers might otherwise exploit to remotely access your system without your knowledge. Otherwise, your computer may be exposed to viruses, malware, and other types of attacks.
An email message arrives. It seems from someone you trust, a friend or a work colleague. Actually, it was sent by a cybercriminal with the technique known as "spoofing," and the attachment contains malware.
In other cases, cybercriminals exploit vulnerabilities in programs or operating systems. Malicious software propagates autonomously, without the user having to perform any action.
Ransomware is a malicious code (malware) that encrypts files on the victim’s computer. The cybercriminal then asks the victim for a ransom, usually in cryptocurrencies, to decode the files.
Learning these techniques will help you defend yourself from malware.
Attack
An e-mail arrives from a known sender: a colleague, a shipper, a supplier, or a service company. The e-mail contains an attachment: a document, an invoice, and most often a .zip file.
Impact
By clicking on the attached file, you start the malicious software infection. This technique exploits Social Engineering and (unluckily) works very well.
75%
of ransomware attacks are transmitted by phishing emails
Dangerousness
Phishing emails are the most common vector of infection. Over 75% of ransomware is transmitted through phishing. Statistics tell us that in 10% of cases these messages are opened by users and even, according to the Verizon Data Breach Investigation Report, In about 2-5% of cases, email attachments or links are also clicked, allowing malware to infiltrate.
Attack
You download a file from an original site offering various software and files. Or you or click on a button within an advertising banner.
Impact
By downloading the software or clicking on the banner, you also download the malicious software that opens a door on your computer.
In this case, is the victim himself who downloads the malicious code
With this technique, the victim goes to the infected site and downloads malicious software without knowing.
Attack
The cybercriminal leaves a USB pen drive in a familiar place such as a company entrance, canteen, parking lot, etc.). Anyone who finds it will be tempted to put it into their computer to read its contents.
Impact
The pen drive contains malware. When the victim puts it on their computer, malicious software spreads into the computer, and the infection begins.
Curiosity causes the victim to insert the USB pendrive into their computer
Dangerousness
As well as phishing emails, this technique leverages the human factor and people’s curiosity. In this case, the same victim brings the malicious code into their computer.
Attack
You download a "bundle," which is a package composed of various software, for example, free programs that promise to "crack" expensive software (often even video games) to use them without paying.
Impact
The package also includes malicious software, which installs on your computer and starts the infection.
Malware is hidden inside the bundle
Dangerousness
This practice has become very dangerous today because the downloaded software often includes a nasty surprise. Ransomware campaigns are reported conveyed through cracked versions (therefore free) of well-known paid programs, especially Microsoft Office and Adobe Photoshop CC.
Check your understanding. Answer this question...
Today the cybercriminals are members of organizations, often multinationals, which operate according to sophisticated schemes using software purchased from specialized developers.
The Ransomware-as-a-Service model gives criminals, without special technical skills, the opportunity to conduct ransomware attacks. In fact, malware can be purchased by anyone on the Dark Web. Software programmers take less risks and make more money. Criminals use the software without having to write it.
To prevent falling victim to malware, follow these behaviors...
Attachments can be a malware vehicle
Malware can be hidden in the software
Obsolete software contains vulnerabilities that malware can exploit to access your computer
Updates fix the latest vulnerabilities preventing malware to access your computer
