close
test_template

Analysis of The Main Types of Ransomware Attacks

Human-Written
download print

About this sample

About this sample

close
Human-Written

Words: 1678 |

Pages: 4|

9 min read

Published: Apr 15, 2020

Words: 1678|Pages: 4|9 min read

Published: Apr 15, 2020

It is without question that as computational technology advances, so do the technologies that no one hopes to ever fall victim to. The topics of cyber-crime as well as cyber security are dauntingly vast fields of issues and are both multiple billion-dollar industries. In order to narrow it down, it is possible to look at one of the issues at the forefront of the discussion and extrapolate from there. While ransomware has been around for some time now, it has fought its way into the headlines within the past couple of years. In the most basic sense, ransomware is malware that attempts to lock function to the computer, or individual files, until a ransom has been paid to the designated payment address. In the worst case, all normal function of the computer will cease to exist, and all the user’s files will be encrypted before they even know they have been infected. Without proper precautions there may be nothing the user can do to recover the files, and even if the ransom is paid, there is never a guarantee that the encryption will be removed from the files.

There are many different types of ransomware being used by malicious people today. While some are worse than others, all forms of ransomware share the key component of demanding a ransom to return control to the infected user(Mateui). The most heard-of form of ransomware is the encryption ransomware. This type of malware uses an encryption algorithm on the user’s files, rendering them useless until unencrypted. The biggest issue here is that, assuming the ransomware was engineered “properly”, the encrypted files will not be able to be decrypted without the key used by the person who encrypted the files. Trying to brute force this key would be impossible within our current understanding of physics. In turn, the only way to get the user’s files back from an infected machine would be to pay the ransom and hope that the infector maintains their promise of decrypting the user’s files. Two other forms of ransomware include lockers, and scareware. Both of these are much less threatening than the previous and can be safely removed from the computer by someone with the proper knowledge. Lockers essential lock all function to the computer, and simply display the instructions for payment of the ransom on the user’s screen. Scareware is fake software that claims to have found issues on the PC and demands money to fix the issues. Scareware comes in many different flavors but is harmless, for the most part, and can easily be removed. Doxware is another form that essentially steals personal information or sensitive files from the user and threatens to publish it online unless the user pays the ransom. There is no getting around this form of ransomware. Once the information has been stolen, there is no way to know if that information has been deleted or not, and even if the ransom is paid, there is no way to guarantee that the information won’t still be published online(Mateui).

The biggest and worst ransomware attacks took place just in the last few years. WannaCry was by far the largest scale ransomware attack in history. The attack began on May 12th 2017 and infected in total more than 400,000 different machines. This particular attack was so potent because it, unlike many other malwares, took advantage of a vulnerability in the server message block protocol in Windows machines as opposed to widely-used phishing schemes(Crowe). The majority of these ransomware attacks are distributed via phishing schemes through malicious emails, but this particular attack was able to infect machines without the user explicitly doing anything to launch the program. The exploit used in the attack was from a hacking tool leaked from the NSA just a month before the attacks started. Nearly every machine infected by WannaCry was running an outdated version of Windows 7. Microsoft released updates a month before the NSA leak rendering the majority of the exploits from the leak ineffective. This effectively means users had about 2 full months to update their machines and the updates would have protected them from the WannaCry attacks. By the end of the life of WannaCry, only 0. 07% of victims paid the ransom, equating to around $120,000 in collected ransom. Considering how many machines were infected through the process, very little revenue came to the attackers. Decryption tools became available for the WannaCry encryption just 5 days after the attacks started, giving user’s a way to get their files back without paying the ransom. At the end of the day the WannaCry ransomware was only significant in the sheer number of machines it infected. The encryption used was cracked in under a week, and attack “was designed for payments and decryption key transfers to be processed manually. That suggests the attackers may not have expected the ransomware to have anywhere close to the reach it did(Crowe). ”

They key factor uniting the different types of ransomware is the demand of a ransom(Mateui). In order to have a shot at reclaiming your files, the attacker demands a ransom to be paid by a certain time. In order for the attacker to avoid being tracked down by law enforcement, the majority of ransomwares demand payment in bitcoin or another form of cryptocurrency. Since cryptocurrencies are currently unregulated, there is no way to track the attacker’s cryptocurrency wallet back to them. The ransomware usually provides instructions to the infected user on how/where to purchase cryptocurrency, as well as the address of the attacker’s wallet to deposit the cryptocurrency into. Criminal activity such as this is a strong contributor to the hesitation, and slow adoption of cryptocurrencies by the masses. With so much crime behind cryptocurrency, many people are generally afraid of the possible outlaw of some or all cryptocurrencies by their governments.

Within the last few years the numbers and types of ransomwares has been increasing rapidly. Along with this comes more and more preventative measures to help users avoid being infected in the first place. With most of the more advanced and well-written ransomwares, after infection there is virtually nothing a user can do to get their data back aside from paying the ransom and hoping for the best. Antivirus and cyber-security companies skyrocket in response to threats emerging and growing and is definitely the case here. There are a number of ways a user can prevent being infected, and also to preserve their important data if they are ever unlucky enough to be infected. The best step anyone can take in protecting their data from not just ransomware, but almost any threat in general is to routinely make a backup of their important data and files. More so, if the user has the ability to keep a copy of their data in a separate location from the main machine, the data will be better protected from natural disasters, fires, and other events that cannot be planned for. In the event that something happens to the main machine, the backup will have a copy of the files lost, encrypted, accidentally deleted or anything else. The very best way to prevent ransomware infections is the same as preventing any kind of malicious software from making its way onto the user’s machine. Keeping an up-to-date operating system, as well as antivirus will help to prevent most unwanted software from populating the device. Since most malicious software is distributed by the use of phishing schemes through email or from downloads from the internet, emails should never be opened unless the sender is known by the user, and nothing should be downloaded from the internet unless the website is trusted by the user. Following the right preventative measures should, for the most part, protect a common user from having to deal with the loss of their important data and their money.

Large organizations will always have a harder time preventing ransomware and other viruses than individual users. These organizations have many more possible entry points for a virus, and they have to deal with the hardships of backing up much larger quantities of data, as well as the slow process of keeping the entire network up to date with security patches. The more employees and computers an organization has, the more emails that are opened, files that are downloaded, and time spent updating and upgrading each of the machines. It is unrealistic for a large company to consistently update the entire network every time a new security patch is released for the operating system or antivirus or anything else. While a single user might be able to keep their own system up to date within a few days or weeks, large companies often take months to years to fully update all the systems. In order to help prevent the contraction of ransomware or malware in general, a company should educate all employees “to help employees avoid common malware pitfalls(Volynkin). ” These organizations should also routinely back up all critical information to offline and offsite storage to best prevent the loss of some or all of their data. There are also some network restriction steps a company can take to stop the spread of the malware through the network if only one machine is infected.

Get a custom paper now from our expert writers.

Ransomware has become the most recent iteration of scary malware that no one wants to have to deal with. So long as there are computers and the internet, there will always be a market for malicious software that could turn a profit for the less ethical of people. Ransomware is not the first and will most definitely not be the last iteration in this business model. While there is no foolproof way to avoid such things, keeping a system up to date, making consistent backups, and avoiding emails and downloads from unknown sources remain the best ways to avoid any sort of malicious software infecting a user’s machine(Volynkin). These are good practices to get in the habit of, especially considering cybercrime is a multi-billion-dollar industry and is continuing to grow. The industry is expected to grow to over $2 trillion by 2019(Smith).

Image of Dr. Oliver Johnson
This essay was reviewed by
Dr. Oliver Johnson

Cite this Essay

Analysis of the Main Types of Ransomware Attacks. (2020, April 12). GradesFixer. Retrieved December 8, 2024, from https://gradesfixer.com/free-essay-examples/analysis-of-the-main-types-of-ransomware-attacs/
“Analysis of the Main Types of Ransomware Attacks.” GradesFixer, 12 Apr. 2020, gradesfixer.com/free-essay-examples/analysis-of-the-main-types-of-ransomware-attacs/
Analysis of the Main Types of Ransomware Attacks. [online]. Available at: <https://gradesfixer.com/free-essay-examples/analysis-of-the-main-types-of-ransomware-attacs/> [Accessed 8 Dec. 2024].
Analysis of the Main Types of Ransomware Attacks [Internet]. GradesFixer. 2020 Apr 12 [cited 2024 Dec 8]. Available from: https://gradesfixer.com/free-essay-examples/analysis-of-the-main-types-of-ransomware-attacs/
copy
Keep in mind: This sample was shared by another student.
  • 450+ experts on 30 subjects ready to help
  • Custom essay delivered in as few as 3 hours
Write my essay

Still can’t find what you need?

Browse our vast selection of original essay samples, each expertly formatted and styled

close

Where do you want us to send this sample?

    By clicking “Continue”, you agree to our terms of service and privacy policy.

    close

    Be careful. This essay is not unique

    This essay was donated by a student and is likely to have been used and submitted before

    Download this Sample

    Free samples may contain mistakes and not unique parts

    close

    Sorry, we could not paraphrase this essay. Our professional writers can rewrite it and get you a unique paper.

    close

    Thanks!

    Please check your inbox.

    We can write you a custom essay that will follow your exact instructions and meet the deadlines. Let's fix your grades together!

    clock-banner-side

    Get Your
    Personalized Essay in 3 Hours or Less!

    exit-popup-close
    We can help you get a better grade and deliver your task on time!
    • Instructions Followed To The Letter
    • Deadlines Met At Every Stage
    • Unique And Plagiarism Free
    Order your paper now