Using an example of ransomware of your choice explain a how

Using an example of ransomware of your choice, explain a) how the malware infects its victims(s) and what files it targets and b) how potential victims can avoid this threat.

Solution

Please follow the data :

a)

Ransomware :

It is basically a computer malware that installs secretly on the victim\'s computer, and then executes a attack that adversely affects it, and thus it demands a ransom payment to decrypt it or not to publish it. Ther are even some simple ransomware malwares that may lock the victim\'s system in a way which is not difficult for a knowledgeable person to reverse, and display the message requesting a payment to unlock it.

On the other hand there are some of the advanced malware in such kind that encrypts the victim\'s files, making them inaccessible, and thus results in demanding a ransom payment to decrypt them. The ransomware may also encrypt the computer\'s Master File Table popularly called as the MFT or at times even the entire hard drive of the victim system.

Thus, the malware ransomware can be analysed or defined as a denial-of-access attack that prevents the computer users from accessing files since it is difficult for the user to decrypt the files without the use of the decryption key. These kinds of attacks are generally introduced to the victim as a legitimate file.

These types of attacks are typically carried out using a Trojan from the source system, that will be entering the victim system through, as an example, it could be a dailu used file from the net or a downloaded file or a vulnerability in a network service.

When this is done the program then runs a payload immediately, which locks the system, or claims to lock the system but does not making the user puzzled with the adverse affects to scre the victim. The data may display a fake warning willingly by an entity such as a law enforcement agency, falsely claiming that the system has been used for illegal activities, contains content such as pornography and \"pirated\" media, or runs a non-genuine version of Microsoft Windows.

There are some of the cases where the payloads consist simply of an application designed to lock or restrict the system until payment is made, typically by setting the Windows Shell to itself, or even modifying the master boot record and/or partition table to prevent the operating system from booting until it is repaired.

b)

Prevention of a Ransomware attacks :

1) Backup the important data :

The first and the important one good safe computing practice is to ensure thet we have the accurate backups of the necessary and the most important files. The 3-2-1 principle should be in play as the three copies, two different media, and one separate location.

2) Check for the Sender\'s identity in a mail :

If the email is coming from a bank, then we need to verify with the bank if the message is legitimate and relative to the case. And if the mail came from a personal contact or a singluar identity, then the user needs to confirm if the contact sent the message or not so that to be perfect.

3) Check before clicking links in email :

In general, clicking on links in email should be avoided as much as possible as the se are the main caouse that makes the malware download directly to the victim hard drive. But that if one have to click on a link in email, make sure that the browser uses web reputation to check the link.

4) Ensuring for the software is Updated Version :

Maintaining the updated softwares and the apps in the systems makes the system more robust such that the applications are virus and malware free or even can be effective to face the attacks for some extent.

Hope this is helpful.