One day after installing an XYZ application from an unknown developer, my phone started behaving weirdly, and by weirdly I mean some text was displayed on the screen stating “Pay 3 Bitcoin and get access to your phone”. I had no idea what to do! To access my own phone I have to pay someone? Things got even weirder when I decided to format my phone at the cost of losing all my data, because after the format the message was still there. Finally, I decided to get some help from Techiyappa buoy!
What has happened here is known as a ransomware attack. Ransomware is a type of malicious software that covertly installs itself on a device such as a computer or smartphone without the user's knowledge, encrypts the whole device or its data, and then demands a ransom to decrypt it or return the data. It encrypts files on the system's hard drive, which are then difficult to decrypt without paying the ransom. According to Kaspersky, "Ransomware is a type of malware that, upon infecting a device, blocks access to it or to some or all of the information stored on it. In order to unlock either the device or the data, the user is required to pay a ransom, usually in Bitcoins or another widely used e-currency." So, how exactly can one protect themselves from such an attack? What are the countermeasures?
Before the birth of cryptocurrencies like Bitcoin, blocking was popular. The malicious software blocked access to a user’s operating system or browser until the victim paid a moderate ransom, either by transferring money to an e-wallet or by sending an SMS to a short code. It was a widely used technique and made lots of money for cyber criminals until security experts found a way to strike at them from the side of the payment system. But after Bitcoin was introduced, things changed. Because Bitcoin was hard to trace and had no regulating body, it became the first choice of cyber criminals as a payment system. But why is ransomware becoming more popular? The malware encrypts the files on the system, and private files are unique, so users cannot replace them by reinstalling an operating system. Because of this strong encryption, the victim has to pay the ransom in order to get the data back.
Facts and Figures:
In one year the number of attacks increased more than fivefold: from 131,111 attempts to infect in 2014-2015 to 718,536 in 2015-2016. The top 10 countries for ransomware are India, Russia, Kazakhstan, Italy, Germany, Vietnam, Algeria, Brazil, Ukraine, and the United States. However, the ransomware that people face in India, Algeria, Russia, Vietnam, Kazakhstan, Ukraine, and Brazil is mostly old and relatively mild versions of blockers. In Italy and Germany the situation is even worse; in those countries, the word ransomware became synonymous with the word ‘cryptor’. In 2015-2016 four racketeering Trojans were the most active: TeslaCrypt, CTBLocker, Scatter, and Cryakl. Those four families share almost 80% of the “market”.
What are the countermeasures?
1. Make backups regularly, at short intervals.
2. Use reliable security solutions and do not rely totally on anti-virus, as it works only against viruses and does not scan for malware. (Personally, I recommend Kaspersky Total Security.)
3. Keep your operating system updated, as the company issues patches to fix vulnerabilities, which makes such attacks harder.
5. Never download any software or file from an unreliable or untrusted developer; always look for reviews of that developer.
6. Stay updated on various threats and their countermeasures; visit “techiyappa.blogspot.in” for updates and share it with your friends and family.
So, that encryption was not strong enough, and Techiyappa buoy successfully decrypted it. Thank you for reading this. This might not be the best article and guide for safeguarding against ransomware, but it is definitely one which you'll not forget.