Scribd
Upload
5 views8 pages

0129 Iscl

The document provides an overview of ransomware attacks, explaining how they operate, their motivations, and the steps involved in executing such attacks. It distinguishes between general ransomware and targeted ransomware attacks, highlighting the dangers of the latter due to their focus on exploiting specific vulnerabilities in organizations. Additionally, it outlines best practices for preventing ransomware, including keeping systems updated, using antivirus software, limiting user access, and providing security awareness training.

Uploaded by

Princy Singh
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
5 views8 pages

0129 Iscl

The document provides an overview of ransomware attacks, explaining how they operate, their motivations, and the steps involved in executing such attacks. It distinguishes between general ransomware and targeted ransomware attacks, highlighting the dangers of the latter due to their focus on exploiting specific vulnerabilities in organizations. Additionally, it outlines best practices for preventing ransomware, including keeping systems updated, using antivirus software, limiting user access, and providing security awareness training.

Uploaded by

Princy Singh
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 8

Ramswaroop memorial university

INFORMATION SECURITY AND CYBER LAW


BCS5003-DE1

▪ NAME-PRINCY SINGH
▪ ROLL NO.-202110101110129
▪ COURSE-BTech. CS
▪ GROUP-65
▪ SUBMMITED TO-MR.VISHAL BHATT
INTRODUCTION TO RANSOMWARE AATACKS

 "Ransomware is a type of malicious software (malware) that is


designed to block access to a computer system or its data, usually
by encrypting it, until a ransom is paid. It is typically spread through
phishing emails, malicious links, social engineering tactics or
exploiting vulnerabilities. Once the ransomware is activated, the
attacker will demand a payment in exchange for a decryption key,
or access to the system. This type of attack is usually financially
motivated, as attackers can potentially make large amounts of
money from unsuspecting victims.
 The attacker aim will be to spread the malware in as many
systems as possible before blocking the access in order to
maximize the pressure on the victim to pay the ransom, the
business may not be able to continue operating properly during
this time and may also be threaten with the release of sensitive
data.
What are the steps of a
ransomware attack?
 This will depend on the level of sophistication; the process tends to be automated in most
cases but in some, targeting big organizations, criminal groups may spend more time
preparing to make sure they can successfully force the organization to pay.
• Gain access
 A ransomware attack typically begins with the attacker gaining access to a victim’s
computer or network through methods such as phishing emails, infected software
downloads, or exploiting vulnerabilities through the network.
• Spread
 Once the attacker has access to a system in the internal network, it will try to spread the
malware across. For simple attacks the spread will depend on the sophistication of the
malware and this will happen automatically, for more targeted attacks the malware will
call home and let the attacker research ways to spread further and take control of more
systems.
Why Targeted Ransomware Is So
Dangerous
 Cybercriminals use targeted ransomware attacks because
they know that the organization contains vulnerabilities. If this
attack hits a company, it’s highly likely to succeed.
Cybersecurity experts state that cybercriminals usually attack
companies with an insecure RDP connection.
 It’s important to note that this connection escalates privileges
and eventually gets administrator controls. This allows them
to deactivate security solutions and ultimately infect the
system with ransomware.
Difference between ransomware
attacks and targeted ransomware
attacks
 One significant difference between ransomware attacks and targeted
ransomware attacks is that in a typical mass ransomware campaign,
the attacker sends out the virus and waits for responses.
 However, in targeted ransomware attacks, the attackers are always
there: they are responsible for infecting the system, even if they don’t
know who their victim will be.
 These attacks are an example of live hacking, where the attacker is
much more resourceful than traditional security measures and
sometimes even manages to get around them.
Best Ransomware Prevention
Practices

 Keep All Systems And Software Updated


Always keep your operating system, web browser, antivirus, and any other
software you use updated to the latest version available. Malware, viruses, and
ransomware are constantly evolving with new variants that can bypass your old
security features, so you'll want to make sure everything is patched and up-to-date.
 Install Antivirus Software & Firewalls
Comprehensive antivirus and anti-malware software are the most common ways to
defend against ransomware. They can scan, detect, and respond to cyber threats.
However, you'll also need to configure your firewall since antivirus software only
works at the internal level and can only detect the attack once it is already in the
system.
 Limit User Access Privileges
Another way to protect your network and systems is limiting user access and
permissions to only the data they need to work. This idea of "least privilege"
limits who can access essential data. By doing so, you can prevent
ransomware from spreading between systems within a company
 Security Awareness Training
Because end-users and employees are the most common gateway for cyber
attacks, one of the most important trainings a company can provide is
security awareness training. Phishing and social engineering tactics can
easily take advantage of unsuspecting, ill-equipped users.
THANK YOU

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy