
How does Ransomware spread?

Ransomware is a kind of malware that blocks or encrypts a user’s files and
demands a ransom in order to decrypt them. These malicious programs mostly
spread by tricking users into clicking on popups that appear to be safe. Once
such a spurious popup is clicked, a ransomware program is installed on the
system and finds files with extensions like JPG, XLS, PNG, PPT, DOC, etc. These
files are generally the important ones on any computer system. The installed
program then instructs the user to make a payment to the perpetrators,
generally in the form of cryptocurrency. Payment is generally demanded this way
so that nobody can trace the identity of the team spreading the ransomware.
Attackers generally use the Tor protocol to conceal their location.

Along with this, ransomware also spreads via traditional email. More than 60
percent of ransomware spreads via email (specifically as a Microsoft Word
document or a .ZIP file). According to Cisco Systems’ 2017 Annual Cybersecurity
Report, 65 percent of email traffic is spam, and about 10 percent of the global
spam observed in 2016 was classified as malicious.
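
A mail-side triage check for the two delivery formats named above (Word documents and ZIP files). This is an added example, not code from the original article; the function names, extension lists and reason strings are assumptions chosen for illustration, and the sample message is constructed. Legacy binary .doc files are flagged by extension only.

```python
import io
import os
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed policy lists for this example; tune them to your own mail gateway.
WORD_EXTS = {".doc", ".docx", ".docm", ".dot", ".dotm"}
RISKY_IN_ZIP = {".exe", ".scr", ".js", ".jse", ".vbs", ".wsf", ".hta", ".lnk", ".bat", ".cmd"}

def triage_attachment(filename, data):
    """Return the reasons an attachment should be held for review (empty = pass)."""
    reasons = ["word-document"] if os.path.splitext(filename)[1].lower() in WORD_EXTS else []
    if zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            members = zf.namelist()  # names only; nothing is extracted to disk
        if reasons:  # modern Word files are ZIP containers; macros live in vbaProject.bin
            if any(m.lower().endswith("vbaproject.bin") for m in members):
                reasons.append("contains-vba-macros")
        else:
            reasons.append("zip-archive")
            reasons += [f"risky-zip-member:{m}" for m in members
                        if os.path.splitext(m)[1].lower() in RISKY_IN_ZIP]
    return reasons

def triage_message(raw_bytes):
    """Map attachment filename -> reasons for every flagged attachment in a raw email."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    findings = {}
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        reasons = triage_attachment(name, part.get_payload(decode=True) or b"")
        if reasons:
            findings[name] = reasons
    return findings

def build_sample():
    """Constructed message: a ZIP holding a script, a macro-enabled .docm, a text note."""
    def make_zip(names):
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as zf:
            for n in names:
                zf.writestr(n, b"constructed placeholder")
        return buf.getvalue()
    msg = EmailMessage()
    msg.set_content("See attached.")
    msg.add_attachment(make_zip(["invoice.pdf.js"]), maintype="application", subtype="zip", filename="invoice.zip")
    msg.add_attachment(make_zip(["word/document.xml", "word/vbaProject.bin"]), maintype="application", subtype="octet-stream", filename="order.docm")
    msg.add_attachment("just a note", filename="note.txt")
    return msg.as_bytes()
```

Calling `triage_message(build_sample())` flags `invoice.zip` and `order.docm` and passes `note.txt`.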


Financial damages due to ransomware:

Businesses as well as individuals need to be fully aware of the threat posed by
ransomware and make cybersecurity a top priority. According to Kaspersky, in
any 2-minute interval at least 3 companies are hit by one type of ransomware or
another. Moreover, there was a three-fold increase in attacks on businesses in
2016. Ransomware attacks can disrupt important systems and destroy confidential
data. According to some reports from Microsoft, ransomware accounted for $325
million in damage. Cybersecurity Ventures predicted the cost of damage to be $1
billion in 2016, and, according to Cisco’s 2017 Annual Cybersecurity Report,
ransomware is growing 3.5 times annually.

Beyond the financial impact, there is the permanent or temporary loss of
sensitive or proprietary data. Moreover, regular operations are disrupted. At
an organizational level, an attack can harm the organization’s reputation. Even
after paying the ransom, there is no guarantee that the encrypted files will be
decrypted. In addition, it cannot be assumed that the malware infection has
been completely eradicated from the computer system.


Conventional ways of tackling Ransomware:

We need to ensure that our systems are equipped with antivirus software that is
updated at regular intervals. Antivirus is only an initial layer of protection,
though: because it is based on signatures, there is always a possibility that
it misses newer variants. In an organization it is best to have a multi-purpose
security solution that can deal with multiple problems and risks at a time,
providing enhanced protective technologies such as firewalls, behavioral threat
protection, etc. Security awareness campaigns should be organized that stress
how easily careless users can be tricked by spurious links and attachments in
email. Being too carefree, most users do not think twice before opening bogus
links and so are easily tricked by these emails. Phishing has proven to be a
very easy and very common entry vector for ransomware, and an extremely
successful one.

Moreover, it is becoming very important to back up the data residing on systems
and storage. It is widely recommended that once a backup has been completed, it
is better to disconnect the physical device used for it, so that if our
physical device is infected with any sort of ransomware or other malware, it
cannot touch the cloud storage and cannot corrupt the data stored in the
backup. Also, applying GPO (Group Policy Object) restrictions provides an
affordable and easy way to avoid attacks from malware. GPO gives us granular
control over the execution of files, so the security of the PC is not
compromised and it is kept much safer than with any other type of control.