Ransomware Background and Protection

Ransomware Background and Protection

Ransomware is malicious software.  It is covertly installed on a victim’s computer.  The intent is to hold your computer and files for ransom, as a result, rendering them unusable until you pay a ransom fee.  We understand how to identify where vulnerabilities are and approaches to mitigate having to pay money to get your stuff back!

In The Beginning

The first known ransomware was called “AIDS”, released in 1989 which used symmetric cryptography to encrypt the names of files on the victim’s hard drive and demanded $189 to be paid to the PC Cyborg Corporation to receive a repair tool. The flaw with symmetric cryptography is that the key could be extracted from the ransomware code.

In 1996, the idea of public key cryptography was introduced by Adam Young and Moti Yung using asymmetric cryptography, which in essence means that the ransomware only contains the encryption key, and the attacker can only decipher it and then provide the symmetric decryption key to the victim once the fee is paid.

Here Comes CryptoLocker!

By mid-2006, new ransomware was being released using more sophisticated RSA encryption schemes in which the encryption keys were increasing in size and complexity. By 2013, a newer form of ransomware called CryptoLocker emerged using the Bitcoin currency platform to collect the ransoms, procuring more than $27 million from infected users, according to ZDNet. Other variants of ransomware exist which are non-encrypting, referred to as Lockscreen ransomware, sometimes using premium rate SMS or high international phone rates to obtain the method to access your PC.

RaaS Enters The Scene

In addition, the ability for less skilled attackers to launch ransomware campaigns has increased tremendously due to the emergence of ransomware-as-a-service (RaaS) offerings on the dark web. It’s also being coupled with exploit kits and other malware to gain persistence in the victim’s environments.

Symantec has classified ransomware to be the most dangerous cyber threat. Your PC can become infected from various sources:

  • Visiting unsafe, suspicious or fake websites
  • Opening e-mails and e-mail attachments from unknown sources
  • Clicking on malicious links in e-mails, social media posts, IM, Skype, or other applications

Ransomware 101

Several suggested methods for protection have been published.

  • Ingress protections
  • Auto-scale endpoint protections
  • Behavior protection deterministic detections leveraging deep packet inspection
  • Reputational services
  • High value asset protection, containment, and isolation
  • Response planning
  • Offline backups
  • Regular malware hunting and validation (being proactive)

The O365 team also recommends the following:

  • Security awareness and education
  • Keep antivirus/anti-malware solutions running and updated
  • Enable Microsoft Active Protection Service (MAPS) cloud based protection
  • Don’t just backup your data but also test your backups and verify
  • Use OneDrive for Business (allows for recovery)
  • Beware of phishing e-mails and malicious attachments
  • Keep Windows and installed software up to date
  • Enable file history or system protection
  • Use Exchange transport rules to protect users against e-mails with attachments vulnerable to Ransomware

Anti-Ransomware Tools and Solutions
Oakwood offers a number of tools and solutions designed to detect and remove screen-locker ransomware. Contact us to set up a 1:1 call with a dedicated security expert.


Next Steps

Review our case studies and engagements where we helped companies just like yours solve a variety of business needs.


About Oakwood

Since 1981, Oakwood has been helping companies of all sizes, across all industries, solve their business problems.  We bring world-class consultants to architect, design and deploy technology solutions to move your company forward.   Our proven approach guarantees better business outcomes.  With flexible engagement options, your project is delivered on-time and on budget.  11,000 satisfied clients can’t be wrong.

About Oakwood

Since 1981, Oakwood has been helping companies of all sizes, across all industries, solve their business problems.  We bring world-class consultants to architect, design and deploy technology solutions to move your company forward.   Our proven approach guarantees better business outcomes.  With flexible engagement options, your project is delivered on-time and on budget.  11,000 satisfied clients can’t be wrong.

Like what you've read? Please spread the word!

Leave a Reply

Your email address will not be published. Required fields are marked *