• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Jobs
  • Career
    • Cyber Security Training
    • Work from Home
    • Cyber Security Analyst
    • Remote Work – Six Ways to Keep Your Data Safe When Working Remotely
  • Field Guide
  • Newsletter Signup
  • Deals
  • News
AskCyberSecurity.com

AskCyberSecurity.com

Cyber Security News & Information

  • Home
  • Data Privacy
    • Gamers
    • Government Cyber Security
      • Legislation
      • Standards
        • What are the risks of computer security?
        • Medical Cyber Security
    • Social Media
  • Security
    • Data Breaches
    • Scams
    • Malware
  • Software
    • Apps
    • Web Browsers
  • Glossary
    • Cyber Security Acronyms
  • About Ask Cyber Security
    • Authors
    • Contact Us
  • VPN
    • How Do I Know If My VPN is Working?
    • Best Free VPN iPhone
    • Why Use a VPN?
    • NordVPN vs IPVanish
    • Private Internet Access Download
    • Best VPN for Streaming
      • TikTok VPN
    • VPN Porn
    • Computer Security Software – What You Really Need
  • Tutorials
  • ChatGPT
    • Does ChatGPT Save Data?
AskCyber Home » News » Malware » What is Ransomware?

What is Ransomware?

2019-08-29 by Michelle Dvorak

What is Ransomware

What is Ransomware and How Does it Work?

Ransomware is a type of malware or malicious software that infects a computer and blocks access to a computer system, files, or data. Usually the goal of ransomware is to extort money from victims. Frequently the ransom is demanded in the form of Bitcoin so as not to trace cyberattack back to the hackers. Although some believe that ransomware focuses only on corporations and larger organizations that can pay hefty sums of money to restore their IT systems, ransomware is often used to infect thousands of computers to extort smaller sums from a larger pool of targets.

Ransomware is in the news recently as municipalities, educational institutions, and smaller government agencies across the United States without large IT budgets have fallen victim to ransomware attacks. Some of the cities opted to pay the ransom, but others decided not to pay hackers but then worked for months to restore their IT systems.

Ryuk Ransomware

Ryuk ransomware is a type of Trojan malware that infects computer and encrypts files demanding payment to restore access. Like many other ransomwares, Ryuk is initiated with a phishing email campaign with a trickbot delivered via a scam email. The phishing emails are delivered to a number of people within an organization to infect as many computers as possible. Ryuk kills computer processes, stop services, defeat antivirus apps, and backups on infected machines.

Heimdel Malware Protection
Heimdel Malware Protection

Baltimore Ransomware Attacks

In a March of 2018 Baltimore city services fell victim to a ransomware attack, essential services like fire, police, and emergency medical services including 911 and 311 phone systems were halted by hackers. Systems were blocked and city services were services halted.

Baltimore, Maryland was hacked again in May 2019. The ransomware attack again halted customer service and financial transactions for Baltimore city departments. Residents were unable to pay their bills for city and county accounts. Public Works was forced to use Twitter to communicate with residents. Baltimore City employees were told to unplug and sent home.

WannaCry ransomware is one of the most well-known and notorious ransomwares. In May 2017 WannaCry ransomware spread and infected to Window machines. By the time the infection was abated over 300,000 computers were infected with WannaCry. The ransom for each computer was $300 USD but payable in Bitcoin.

WannaCry is based on hacking tools developed by and stolen from the United States National Security Agency. The NSA’s Advanced Persistent Threat group, known as Equation Group. WannaCry was attributed to North Korea. The ransomware attacks infected Britain’s National Health System causing crippling the ability to care for patient’s system

Like many other malwares WannaCry was able to spread through unpatched Windows computers.

How Does Ransomware Infect a Computer?

Ransomware works by infecting one or more computers and working its way into an entire IT system. Frequently, ransomware attacks are launched with a phishing or spear phishing email campaign. Information for the phishing emails can be gleaned from social media accounts or and corporate or municipal websites.

Phishing emails are crafted to make them appear familiar and legitimate to the recipient. They may use the recipient’s name and come from what seems to be a business relationship or banking relationship. The goal of a phishing email is to get the recipient to click on a link to a malicious file or download a malicious attachment.

The malicious file may lock up a device immediately or download other malware. A Florida ransomware attack was launched with just one email click by a city employee who was fooled by a hacker’s email

What is Ransomware Protection?

Ransomware protection comes in a few forms. First it is important to protect your IT systems, maintain backups, and educate employees about the importance of cyber security. It’s also crucial to teach employees how to recognize a phishing email and then what to do and what not to do if they receive one.

Ransomware protection may also involve buying an insurance policy to pay for ransom or cover the cost of restoring a computer system

It’s also possible to buy ransomware protection in the form of an app. Computers, phones, and other electronic devices can be protected using up-to-date antivirus apps. Free and paid antivirus apps must also be kept updated with the latest libraries so a ransomware or malware attack can be detected and stopped

Can You Remove Ransomware?

Sometimes it is possible to remove ransomware without paying the hacker. Some ransomware attacks are not well constructed, and files can be rescued by the device owner. Recently a Fortnite game hack that spread itself claiming to be an aimbot and wallhack but was really a Syrk Ransomware attack in disguise. If unsuspecting players downloaded the game cheats, their computers were locked up by Syrk ransomware. In the case of the Fortnite ransomware, it was possible to decrypt your own machines and not pay the ransom.

In the case of WannaCry ransomware mentioned above Microsoft issued an emergency security patch that stopped it from spreading. The security patch was essentially a kill switch that stopped infected computers from spreading the ransomware further.

Filed Under: Malware Tagged With: ransomware

About Michelle Dvorak

Michelle writes about cyber security, data privacy focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers


LinkedInTwitterFacebook

Primary Sidebar

Subscribe to Our Free Newsletter

We Don't Share or Sell Your Info

Web Browsers

Where Are My Saved Passwords in Chrome?

Google Removes 70 Malicious Browser Add-ons from Chrome Web Store

Firefox 75 Reports Your Browser Settings to Mozilla

Categories

Cyber Security Field Guide

Computer Security While TravelingGet Our Cyber Security Field Guide - Available on Amazon!

Recent Posts

Security Marketing Manager – Remote

Sr. Associate, Cybersecurity Architect – Pfizer

Strategic Customer Success Manager – Cybersecurity – Opportunity for Working Remotely

Top 20 Passwords Leaked on Dark Web

ISU Cybersecurity Leader Job Opening

Cyber Security News

Top 20 Passwords Leaked on Dark Web

… [Read More...] about Top 20 Passwords Leaked on Dark Web

Apple Warns of Actively Exploited Zero-Day Flaw

… [Read More...] about Apple Warns of Actively Exploited Zero-Day Flaw

IRS Stops Facial Recognition System for Online Access

… [Read More...] about IRS Stops Facial Recognition System for Online Access

National Cybersecurity Alliance Announces Data Privacy Week

… [Read More...] about National Cybersecurity Alliance Announces Data Privacy Week

More Cyber Security News

Tags

amazon Android Apple bitcoin China chrome CISA credit card DarkSide DHS DOJ Equifax Europe Facebook facial recognition FBI Firefox FTC games GDPR Google Government hacker identity theft India iPhone Iran IRS LinkedIn Microsoft North Korea PayPal phishing phishing email ransomware REvil Russia smartphone T-Mobile TikTok tutorial VPN WhatsApp WiFi Windows

Government

CBP Looks to Access Airline Passenger Data

FTC Releases Cyber Threat Video Playlist

Malware Found on US Government Funded Phones

UK NCA Reaches Out to Youth to Deter Cybercrimes

More Posts from this Category

Footer

Menu

  • Home
  • About
  • Authors
  • Newsletter Signup
  • PRIVACY POLICY

Search

Why Use a VPN?

NordVPN vs IPVanish VPN Review

NAVIGATION

  • Data Breaches
  • Data Privacy
  • Gamers
  • Scams
  • Malware

MEMBER NJCCIC

New Jersey Cybersecurity & Communications Integration Cell

STAY CONNECTED

  • Facebook
  • Instagram
  • Pinterest
  • YouTube
  • Twitter
  • RSS

Copyright © 2023 · AskCyberSecurity.com · METRONY, LLC

Go to mobile version