Ransomware is a particularly insidious category of malware that can lock computers, encrypt files, or both, and hold them for ransom. Many different ransomware strains can vary in their functionality and infection capabilities. And as you may have noticed, some ransomware strains also have colourful names. What do the ransomware names mean, and what makes one ransomware different from the next?

Ryuk 

Ryuk is a Shinigami or God of death in the Japanese animated series Death Note. The show’s protagonist discovers the character and attempts to use him for good deeds while fulfilling Ryuk’s hunger for amusement. Fans have drawn entertainment both from Ryuk and the show’s dark humour. 

Unfortunately, there’s nothing humorous about Ryuk ransomware, which researchers found in 2017. What makes Ryuk ransomware more threatening than other strains is its ability to isolate network drives and resources and delete and disable restoration tools and backup systems. It can also spread more easily with its new worm-like capabilities. 

Extortionists typically use Ryuk for targeted attacks. The malware has infected businesses, media websites, and even hospitals. Researchers estimate that the malware raised over $61 million between February 2018 and October 2019 alone. 

Petya 

Petya is another ransomware strain with a name drawn from popular culture. In the 1995 James Bond film GoldenEye, Petya was a Soviet weapon satellite carrying a weapon of mass destruction. The Petya ransomware was similarly destructive and innovative, though it wasn’t unusually infectious. 

The first Petya ransomware strain was unique because it blocked victims from accessing their computers rather than encrypting files. The malware spread through phishing emails that carried job offers. But for Petya to unleash havoc, users had to agree to grant it administrative control, which many experienced users recognized as a red flag.  

Later versions of Petya were more infectious and even more dangerous. One, in particular, NotPetya, may still give many computer users nightmares.

NotPetya

In 2017, a variant of Petya started infecting computers that were so different that researchers dubbed it ‘NotPetya’ to help people understand it was new ransomware. NotPetya was part of a cyberattack in Europe, primarily targeting companies in Ukraine. Later, NotPetya spread to Germany, Italy, France, Poland, the United Kingdom, and the United States. Unlike Petya, NotPetya did not seek administrative permissions. It also used a Windows Server Message Block (SMB) protocol exploit called EternalBlue. While many researchers believe that the ransomware started from Russia as a political attack, its exploit may have been stolen from the U.S. National Security Agency (NSA). 

WannaCry

WannaCry got its name from strings of codes found in initial samples of the malware, but the name was apt because it made a lot of organizations want to shed tears of grief. The crypto-ransomware exploited an SMB vulnerability to infect countless hospitals, banks, and other companies globally, costing billions. Investigators later found that elements in North Korea were responsible for the malware. These are four pieces of ransomware with interesting names. To protect your data from any of them, use the most secure version of your operating system and invest in anti-malware technology with ransomware rollback capabilities.

Suggested:

10 Ways to Protect Yourself from Ransomware.

What Security features must have in Good Antivirus?

The post What Do the Ransomware Names Mean? appeared first on Tricky Enough.

Ransomware is malicious code that infects a computer system and prevents access to files until the user pays the cyber criminal a ransom in order to restore access.

What is Ransomware?

The short answer to the question what is ransomware is it’s basically a virus that encrypts your files then locks your PC and finally displays a message with instructions on how the ransom can be paid to get the code to unlock the Files & Computer. More  or the entire hard drive. The only way to unlock the files or drive is the get the decryption key from the attacker.

Ransomware was invented in 1996 and soon became popular in Russia. It has however spread internationally and is now big business. For example, the most famous ransomware, Cryptolocker, made over 3 million in ransom payments before being taken down. The FBI estimates that another ransomware, Cryptowall, had made over $18 million by June 2016.

Payment is made using Bitcoins which allows the attackers to remain anonymous.

Many computer users who found that they have been attacked don’t have advanced computer knowledge and therefore opt to pay the ransom especially if the files are important to them.

One of the reasons it is currently one of the biggest concerns for security professionals is that once a computer is attacked and the files encrypted, there is usually no other way to get the files back without the decryption key. Current ransomware such as Cryptowall uses asymmetric encryption techniques where the decryption key differs from the encryption key and isn’t stored next to encryption data.

Ransomware must, therefore, be stopped before it infects a computer because the data will become unrecoverable. This article takes you through some of the steps you can take to prevent your computer from being infected and what to do if the unthinkable happens.

Important points to keep yourself safe from Ransomware.

1. Backup Regularly

You must back up important files regularly. In fact, with the proliferation of cloud services, you have no excuse not to back up. The best way to backup is to have one copy of files for a cloud service and another copy in physical portable media. The physical copy should be read-only to prevent accidental overwriting or deletion.

2. Check Your Back Up Often

Secondly, check your backup often to ensure that your data is intact. Even cloud services can be hacked, and physical media can get damaged.

3. Be Paranoid About Email

Ransomware is primarily distributed through fake email phishing messages. Phishing is a criminal practice where an attacker sends you an email that appears to come from someone you trust such as your bank. The attacker will typically ask you to click on a link or open an attachment. The instant you do so, your machine gets infected. Never click links in emails unless you are 100 percent sure about the identity of the person sending the email and never download attachments from unknown senders. Instead get rid of this kind of emails.

4. Don’t Trust Social Media

Cyber criminals also use social media to distribute ransomware. As with email don’t click on links from friends and never download attachments. Your friend’s accounts may have infected, files and they may not even be aware that they have sent you a message.

5. Show File Extensions

If you are running Windows, set your computer to show files extensions. This way, you can easily see the type of file, for example, .docx, .pdf etc. Malicious files will usually have extensions such as .exe, .vbs and .scr. If you find files ending with these types of extensions you should be very suspicious.

6. Update Regularly

Set your computer to update the operating system regularly and don’t ignore system notifications. Software companies regularly release updates to patch security holes they have discovered.

7. Use a Good Antivirus

There are many antivirus products, but not all have the capability to protect you from ransomware. The good ones are able to protect your files once a threat is detected. You will need to spend some money on a good antivirus. Check virus testing sites to see if the product has anti-ransomware features and have a look at the test scores.

8. Find Out the Name of the Ransomware

If your computer is infected, find out the name of the virus or malware as security companies have managed to crack older versions so you may be able to get your files back.

9. Disconnect the Machine if Something is Amiss

If you notice some weird process going on, yank the power cable or Internet connection immediately. Depending on the ransomware, there may be a good chance the malware has not yet erased the encryption key in which case a security expert may able to restore your files.

10. Don’t Pay the Ransom

If you have done all of the above things and your computer still gets infected, don’t pay the ransom. Payment of Ransom is what drives the business. If everyone refused to pay, the business would die, and we would all be safe.

Conclusion

Finally, if you do become infected, report the crime to the authorities and collaborate to help put an end to this despicable practice.

The post 10 Ways to Protect Yourself from Ransomware appeared first on Tricky Enough.