Common Ransomware Attacks

Malicious software exploits have been around since the beginning of the personal computer age. Hackers and criminals saw the potential for destruction and extortion early and exploited bugs and gaps in computer operating systems and application software to attack both businesses and individual users. Viruses, trojan horses, malware and other destructive software began to flourish in the 1990s, when the internet made communication between computers so much simpler. The threats, then and now, number in the thousands, with new malicious software created every day.

In response to these threats, many companies, including McAfee, Norton, AVG, MalwareBytes, Kaspersky and others developed software programs that block and remove viruses, trojan horses and malware. Microsoft, too, has created such anti-virus and anti-malware software and supplies it to its operating system users at no charge. The battle is constant, and all those protective programs are updated constantly, with automatic features that help users stay current in their protection. In addition, operating systems are updated frequently to fix bugs and protect access points used by hackers.

Ransomware, a type of trojan horse software designed to extort money from its victims, first appeared in about 2012. Exploiting weaknesses in operating systems and other software, it locks up computer systems, encrypts data and files, and then demands payment to restore the files and access. Since these attacks are done by criminals, payment is no assurance of anything, however. In 2017, ransomware attacks became more frequent and more dangerous to sensitive data. As a leader in IT Services in the Twin Cities metro, we want you to have the latest information on these dangerous criminal extortion methods. Working backwards, here are some of the most well-known and destructive ransomware exploits:

• Petya Ransomware Used Modified NSA Code to Attack Windows Computers

  In late June of 2017, Petya began attacking computers in Europe, Asia and the United States. It encrypts users’ data files as well as the Windows master boot record, making it impossible to reboot the computer. Petya demands a payment of $300 in online Bitcoin currency. However, immediately after the attack began, the address where victims were to send the money was taken down, leaving those infected with no way to get the key needed to unencrypt their files. Windows users who regularly updated their Windows operating system appear to have been protected. The attacks took place via email attachments, phishing and other avenues.

• WannaCry Ransomware Attacked over 250,000 Users Worldwide in May of 2017

  By exploiting a Windows protocol, and using a stolen method from the National Security Agency (NSA), WannaCry encrypted data on affected computers, and demanded $300 in bitcoin for the unencryption key. It also included code that further spread the malware via attachments sent out from the infected computers email system. Most businesses affected were Microsoft Windows users using Windows 7 and earlier versions of the operating system. Microsoft quickly issued an update to protect users, but the damage had already been done to many. Fortunately, an alert computer security researcher located a “kill switch” feature in WannaCry, and the attacks ended soon after they began.

• Fusob Ransomware Attacked Users of Mobile Devices in 2015 and 2016

  Ransomware is not limited to just desktop and laptop computers running Windows and MAC OS operating systems. Beginning in April of 2015, the Fusob ransomware began attacking mobile device users. Pretending to be a pornographic video player, it enticed some users to download and install it. Once they did, the program locked the device and frightened users by threatening arrest for criminal activity, and demanded a “fine” to be paid via iTunes gift cards sent to an email address. This trojan horse ransomware program demonstrates that any device can be vulnerable to such attacks.

• Earlier Ransomware Attacks Demonstrate the Need for Vigilance and Protection

  Prior to the WannaCry and Petya releases in 2017, a number of earlier ransomware exploits have cost computer users millions of dollars and have crippled both business and individual systems. With names like CryptoWall, CryptoLocker, TorrentLocker and Reveton, they have been attacking computers and servers since 2012. Various versions of these have appeared from time to time, and are still circulating. Although major anti-virus and anti-malware software offers strong protection against these older ransomware versions, vigilance and preventive measures are still needed, since new variations may appear at any time that can still infect computers worldwide.

• Ransomware Attack Prevention

  The best way to avoid having your computer and data hijacked and held for ransom is to follow the common-sense rules listed at the link above. Regular updates of operating systems and anti-virus and anti-malware software are essential, as are avoiding opportunities for ransomware to infect your devices. Maintaining adequate system and data backups are also important protections that let you quickly recover if your systems are attacked. One thing is certain: New ransomware and other exploits will appear and threaten your data security. Get the facts you need and protect yourself.

• Recovering from Ransomware

  The highly-trained and experienced security technicians at our IT services company in Minneapolis St. Paul are your best resources if your business or personal computers are ever attacked by ransomware. Depending on the nature of the attack, a call to us is the first step toward recovery and restoration of your system and data. But, don’t wait until you have been attacked. Contact us for enterprise-grade anti-virus and anti-malware protection and to design and implement a secure, automated backup program for your systems. With those in place, you needn’t fear such an attack. Proper preparation will lead to a fast, complete recovery.

Data Security and Ransomware Recovery Services – Minneapolis St. Paul, MN

No matter how large or small your business is, it’s vulnerable to all sorts of threats from outside. Today, viruses, malware and ransomware are becoming more and more sophisticated and attacks are becoming more common each year. At Computer Lifeline, we want you to be fully informed about threats to your systems and data and to learn how to protect your business from extortion. You’ll find the information you need on our website and the expertise you need to design a data security strategy and for recovery services if you are attacked by this type of exploit. Contact us today to discuss your needs and for a consultation on measures you should take.