[Other] [Mi Knowledge Hub #12] Ransomware Attack – Everything You Need to Know About Ransomware Protection!

2019-10-14 23:09:58

Hello Mi Fans,

Ever wondered what all the ransomware fuss is about? You've heard about it at the office or read about it in the news. Maybe you've got a pop-up on your computer screen right now warning of a ransomware infection. Ransomware attacks are quite common nowadays, since malicious software is spreading everywhere through various mediums. The cybercriminals that use it are looking to do one thing: extort your money. Not unlike the movies, it usually starts with an ominous ransom note demanding money.


  • What is ransomware?

In simple words, Ransomware is a form of malware that encrypts a victim's files. The attacker then demands a ransom from the victim to restore access to the data upon payment. In many cases, the ransom demand comes with a deadline. If the victim doesn’t pay in time, the data is gone forever. The earliest variants of ransomware were developed in the late 1980s, and payment was to be sent via snail mail. Today, ransomware authors order that payment be sent via cryptocurrency or credit card.


Ransomware attacks are all too common these days. Major companies in North America and Europe alike have fallen victim to it. Cybercriminals will attack any consumer or any business and victims come from all industries. Furthermore, half of the victims who pay the ransom are likely to suffer from repeat attacks.

  • How does Ransomware work?

Ransomware is a type of malware designed to extort money from its victims, who are blocked or prevented from accessing data on their systems. The two most prevalent types of ransomware are encryptors and screen lockers. Encryptors, as the name implies, encrypt data on a system, making the content useless without the decryption key. Screen lockers, on the other hand, simply block access to the system with a “lock” screen, asserting that the system is encrypted.


There are a number of vectors ransomware can take to access a computer. One of the most common delivery systems is phishing spam — attachments that come to the victim in an email, masquerading as a file they should trust. Once they're downloaded and opened, they can take over the victim's computer, especially if they have built-in social engineering tools that trick users into allowing administrative access. Some other, more aggressive forms of ransomware, like NotPetya, exploit security holes to infect computers without needing to trick users.

Victims are often notified on a lock screen (common to both encryptors and screen lockers) to purchase a cryptocurrency, like Bitcoin, to pay the ransom fee. Once the ransom is paid, customers receive the decryption key and may attempt to decrypt files. Decryption is not guaranteed, as multiple sources report varying degrees of success with decryption after paying ransoms. Sometimes victims never receive the keys. Some attacks install malware on the computer system even after the ransom is paid and the data is released.


  • Who is a target for ransomware?

There are several different ways attackers choose the organizations they target with ransomware. Sometimes it's a matter of opportunity: for instance, attackers might target universities because they tend to have smaller security teams and a disparate user base that does a lot of file sharing, making it easier to penetrate their defenses.

On the other hand, some organizations are tempting targets because they seem more likely to pay a ransom quickly. For instance, government agencies or medical facilities often need immediate access to their files. Law firms and other organizations with sensitive data may be willing to pay to keep news of a compromise quiet — and these organizations may be uniquely sensitive to leakware attacks. Some ransomware also spreads automatically and indiscriminately across the internet.


  • Examples of Ransomware

While ransomware has technically been around since the '90s, it's only in the past five years or so that it's really taken off, largely because of the availability of untraceable payment methods like Bitcoin. While there continue to be variations in the code, targets, and functions of ransomware, the innovation in ransomware attacks is typically incremental. Some of the worst offenders have been:

  • CryptoLocker, a 2013 attack that launched the modern ransomware age and infected up to 500,000 machines at its height
  • TeslaCrypt, which targeted gaming files and saw constant improvement during its reign of terror
  • SimpleLocker, the first widespread ransomware attack that focused on mobile devices
  • WannaCry, which spread autonomously from computer to computer using EternalBlue, an exploit developed by the NSA and then stolen by hackers
  • NotPetya, which also used EternalBlue and may have been part of a Russian-directed cyberattack against Ukraine
  • Bad Rabbit—Considered a cousin of NotPetya and using similar code and exploits to spread, Bad Rabbit was a visible ransomware that appeared to target Russia and Ukraine, mostly impacting media companies there. The majority of cases indicate that it was spread via a fake Flash player update that can impact users via a drive-by attack.


And this list is just going to get longer. It's important to follow the tips listed here to protect yourself.

  • Ransomware Prevention and Detection

Prevention is the best way to have ransomware protection. Not all protection is made equal, however. A ransomware attack typically follows a 10-step process that looks like this:

  • Threat is detected – attacker has generated a malicious link
  • Skates by filters
  • Enters email browser or app
  • Link activates
  • Antivirus bypassed
  • Malware is released
  • Attacks your remote server and network connection
  • Dark web exfiltration
  • Infection
  • Attacked

How to Avoid Ransomware Attacks

  • Defend your email against Ransomware—Email phishing and spam are the main way that ransomware is distributed. Secure Email Gateways with targeted attack protection are crucial for detecting and blocking malicious emails that deliver ransomware. These solutions protect against malicious attachments, malicious documents, and URLs in emails delivered to user computers.
  • Defend your mobile devices against Ransomware—Mobile attack protection products, when used in conjunction with mobile device management (MDM) tools, can analyze applications on users’ devices and immediately alert users and IT to any applications that might compromise the environment.
  • Defend your web surfing against Ransomware—Secure web gateways can scan users’ web surfing traffic to identify malicious web ads that might lead them to ransomware.
  • Monitor your server, network and back up key systems—Monitoring tools can detect unusual file access activities, viruses, network C&C traffic and CPU loads, possibly in time to block ransomware from activating. Keeping a full image copy of crucial systems can reduce the risk of a crashed or encrypted machine causing a crucial operational bottleneck.


How to Remove Ransomware
  • Call federal and local law enforcement—Just as someone would call a federal agency for a kidnapping, organizations need to call the same bureau for ransomware. Their forensic technicians can ensure systems aren’t compromised in other ways, gather information to better protect organizations going forward and try to find the attackers.


Ransomware Recovery

  • Learn about anti-ransomware resources—No More Ransom portal and Bleeping Computer have tips, suggestions and even some decryptors for selected ransomware attacks.
  • Restore data—If organizations have followed best practices and kept system backups, they can restore their systems and resume normal operations.


Conclusion:

Unfortunately, ransomware attacks will probably be around for a long time. This easy and malicious way of robbing individuals and companies can cost billions of dollars, not to mention the privacy and safety implications. There is hope in ransomware prevention through educating yourself on what to look out for and what to do if you do get attacked.

True ransomware protection happens with a multi-layered defense system that seals up all the spots where these malicious intruders would break in. Don’t be afraid, be protected.


Source: 1, 2, 3
Image source: Google
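The monitoring tip above (detecting unusual file access activity) can be illustrated with a small detector. This is an added example, not part of the original post: the event format, the thresholds, the process names and the `.locked` extension are all constructed assumptions. It flags a process that changes many distinct files inside a short window and reports how many of those changes were renames to a different extension.

```python
import os
from collections import defaultdict, deque

WINDOW_SECONDS = 10   # assumed sliding-window length
MAX_FILES = 20        # assumed per-process limit of distinct files changed per window

def parse_event(line):
    """Parse 'epoch|pid|process|op|path[|new_path]' (a constructed format)."""
    parts = line.strip().split("|")
    ts, pid, proc, op, path = parts[:5]
    new_path = parts[5] if len(parts) > 5 else None
    return float(ts), int(pid), proc, op, path, new_path

def detect_mass_modification(lines, window=WINDOW_SECONDS, limit=MAX_FILES):
    """Return {pid: (process, alert_time, distinct_files, ext_changing_renames)}."""
    recent = defaultdict(deque)   # pid -> (ts, path, ext_changed) inside the window
    alerts = {}
    for line in lines:
        ts, pid, proc, op, path, new_path = parse_event(line)
        if op not in ("WRITE", "RENAME"):
            continue              # reads alone (e.g. a backup job) are not counted
        ext_changed = bool(new_path) and (
            os.path.splitext(new_path)[1] != os.path.splitext(path)[1])
        q = recent[pid]
        q.append((ts, path, ext_changed))
        while ts - q[0][0] > window:
            q.popleft()           # drop events older than the window
        distinct = {p for _, p, _ in q}
        if len(distinct) > limit and pid not in alerts:
            alerts[pid] = (proc, ts, len(distinct), sum(c for _, _, c in q))
    return alerts

def build_sample_events():
    """Constructed events: a read-only backup, one editor save, one rename burst."""
    events = [f"{1000 + i * 0.1:.1f}|410|backup|READ|/home/a/doc{i}.docx"
              for i in range(40)]
    events.append("1001.0|520|editor|WRITE|/home/a/notes.txt")
    for i in range(30):
        t, p = 1002 + i * 0.2, f"/home/a/doc{i}.docx"
        events.append(f"{t:.1f}|666|unknown|WRITE|{p}")
        events.append(f"{t + 0.1:.1f}|666|unknown|RENAME|{p}|{p}.locked")
    return sorted(events, key=lambda e: float(e.split("|")[0]))

if __name__ == "__main__":
    for pid, alert in detect_mass_modification(build_sample_events()).items():
        print(pid, alert)
```

Only the process that both writes and renames many files is reported; the backup job that reads 40 files and the editor that saves one file stay below the threshold.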



Very informative. Thanks for sharing
2019-10-15 01:15:35
Interesting!
2019-10-15 01:27:50

Pro Bunny

Tin Naing Zaw | from Redmi Note 7 Pro

#3

Thanks.
2019-10-15 01:29:34

Moderator

BeingBishal | from MI 9 SE

#4

Informative Thread!
2019-10-15 02:00:56
Thanks for sharing
2019-10-15 03:41:42

Resource Team

iMKajal | from MI 8

#6

Helpful Information!
2019-10-15 11:28:42

Grand Master Bunny

$huvo | from app

#7

Informative
2019-10-16 08:03:33

Master Bunny

1804614950 | from app

#8

informative
2019-10-16 19:45:48
Very informative
2019-10-16 21:00:09
Thanks for sharing
2019-10-16 21:01:23

Crossfiree
