Ransomware, as stated above is a kind of mal-function which inhabits
the user to access his/her files and demand a ransom in exchange for decrypting
the files. These malicious programs mostly spread by tricking the users to
click on some pop-ups which may have appeared to be safe and sound. Once such a
spurious popup is clicked, a ransomware program gets installed to the system
and finds files that bear extensions like JPG, XLS, PNG, PPT, DOC, etc. These
files are generally important ones in any computer system. The installed
program forces a user to make a definite, variable sum of payment to the
perpetrators generally in the form of cryptocurrencies. The team responsible
for spreading ransomware makes sure to keep their identity secretive and in
order to do so they make sure that no one can keep a track of the payment they
took. Attackers generally uses Tor protocol to hide their location. Along with
this, ransomwares also spread via traditional mailing system. More than 60
percent of ransomware spreads via an email (specifically as a Microsoft Word
document or a .ZIP file). According to Cisco Systems’ 2017 Annual Cybersecurity
Report, 65 percent of email traffic is spam and about 10 percent of the global
spam observed in 2016 was classified as malicious.
damages due to ransomware:
Businesses as well as individuals need to be fully aware of the threat
posed by ransomware and make cybersecurity a top priority. According to
Kaspersky, in an interval of 2 minutes at least 3 companies get hit by one type
of ransomware or the other. Moreover there has been a three-fold increase in
attacks over the business in the year 2016. Ransomware attacks can always
result in disrupting some important systems and can destroy some confidential
data. A damage of $325 million was accounted as a damage due to ransomware
according to some reports from Microsoft. Cybersecurity Ventures predicted cost
of damage to be $1 Billion in 2016, and there is an annual growth by 3.5 times
in ransomware, in reference to Annual cybersecurity report by cisco in 2017.
Other than financial impacts, there is permanent or temporary loss of
sensitive or proprietary data. Moreover, the regular operations get disrupted.
On an organizational level, it potentially harms the organization’s reputation.
Even on paying the ransom, one may not guarantee that the encrypted files will
be decrypted. In addition, it cannot be said that the malware infection has
been completely eradicated from the computer system.