Blog_2Blog_2Blog_2Blog_2
  • MARKET BUZZ
    • Daily Crypto News
    • Weekly Wrap Up
  • TOPICS
    • Crypto Basics
    • Defi
    • Metaverse
    • NFT
    • Blockchain
  • CRYPTO VERSE
    • Investing
    • Cryptocurrency
    • Price Predictions
    • Crypto Technical Analysis
    • Crypto Ama
    • Investment Research
  • PRODUCT
    • Tutorials
    • Product Features
    • Security Compliance
  • COINDCX
    • Announcement
    • Community
    • Crypto Competition
    • Listings
    • Opinion
    • Stories
Visit CoinDCX
✕
            No results See all results

            Curbing the Threat of Cyber Extortion by Adoption of Good Security Practices to Fend Off Ransomware Attacks

            September 1, 2020
            Ransomware

            Snapshot

            1. In this article, we will address the basics of ransomware
            2. How an informed approach can be taken to reduce the possibility of falling victim to an online attack
            3. Reports show the average Indian firms paid over ₹8 crores ransom on average to mitigate the impact of ransomware on their operations

            Clicking on a seemingly innocent weblink can incur greater costs than many individuals and corporations might imagine. Concerns around ransomware—a type of malware that typically enables cyber extortion for financial gain—have been mounting in recent times, with increased calls for greater consumer vigilance among the cybersecurity community. Reports show the average Indian firms paid over ₹8 crore ($1 million USD) ransom on average to mitigate the impact of ransomware on their operations, with some 82% of Indian firms hit by ransomware in the past year. In an increasingly interconnected world, ransomware now accounts for 27% of malware incidents, and 18% of organizations globally blocked at least one piece of ransomware, according to the 2020 Verizon Data Breach Investigations Report.

            Reducing the threat of ransomware is tricky—it is difficult to prevent users from clicking on web links, especially those who do not know better. The best approach is to advocate for and educate the public on good security practices to prevent ransomware attacks. In this article, we will address the basics of ransomware, and explain how an informed approach can be taken to reduce the possibility of falling victim to an online attack.

            Table of Contents

            • What is ransomware, and how does it work?
            • How is ransomware introduced to a victim’s system?
            • What can I do to protect my data and networks?
            • What should I do if my computer is infected with ransomware?
            • How can I adopt good security practices?

            What is ransomware, and how does it work?

            Ransomware is malware that typically enables cyber extortion for financial gain. Bad actors can hide weblinks to ransomware in seemingly harmless emails or web pages. Once the ransomware is activated by clicking the infected link or downloading a file with hidden ransomware, it infects a computer system and encrypts computer files, preventing users from accessing their documents, applications or systems. When the ransomware has encrypted the files on the computer, it creates and displays a file containing instructions on how the victim can pay the ransom to regain access to their computer systems.

            If the threat actor’s ransom demands are not met (i.e. if the victim does not pay the ransom), the files or encrypted data will usually remain encrypted and unavailable to the victim. Even after a ransom has been paid to unlock encrypted files, threat actors might sometimes demand additional payments, delete a victim’s data, dump the data on the dark web, refuse to decrypt the data, or even decline to provide a working decryption key to restore the victim’s access to their files.

            Ransomware comes in many variants, and in recent years, has grown in the brazenness, prominence, and frequency of attacks. Well-known ransomware viruses include Cryptolocker and its variants such as Kriptovor and Teslacrypt, Cerber, and WannaCry.

            How is ransomware introduced to a victim’s system?

            Ransomware is commonly delivered through phishing emails or via a “drive-by download”—an unintentional download of malicious code to your computer or mobile device that leaves you open to a cyberattack. Phishing emails often appear as though they have been sent from a legitimate organization or a contact of the victim, enticing the user to click on a malicious link or attachment. The malicious code may run automatically after files have been downloaded onto the user’s computer, without any user interaction. After the malicious code has been run, the computer becomes infected with ransomware.

            What can I do to protect my data and networks?

            While ransomware is often unpredictable and attacks are increasingly sophisticated, there are a number of basic steps that may be taken to reduce the severity of an attack and protect yourself from potential extortion.

            • Backup your computer. Perform frequent backups of your system and important files, verifying your backups regularly. If your computer becomes infected with ransomware, you can restore your system to its previous state using your backups.
            • Store your backups separately. The best practice is to store your backups on a separate device that cannot be accessed from a network, such as on an external hard drive. Once the backup is completed, make sure to disconnect the external hard drive or separate your device from the network or computer.
            • Train your organization. Organizations should ensure that they provide cybersecurity awareness training to their employees. Ideally, organizations should have regular cybersecurity awareness training to ensure their personnel are informed of cybersecurity threats. To improve workforce awareness, organizations can test their personnel with simulations of real-world phishing emails.
            • Update and patch your computer. Ensure your applications and operating systems (OS) have been updated with the latest patches. Vulnerable applications and OS are the targets of most ransomware attacks.
            • Open email attachments and hyperlinks with caution. Be wary of opening email attachments or clicking directly on links in emails, even from senders you think you know, particularly when attachments are compressed files or ZIP files. Make sure to scan all software downloaded from the internet with an antivirus software prior to executing.
            • Use and maintain preventative software programs. Install antivirus software, firewalls, and email filters—and keep them updated—to reduce malicious network traffic.
            • Always use a VPN for accessing the internet, when browsing the internet using public networks or shared networks
            • Never use unfamiliar USBs. Never insert USBs or other removable storage devices into your computer if you do not know where they came from. Cybercriminals may have infected the device with ransomware and left it in a public space to lure you into using it.

            What should I do if my computer is infected with ransomware?

            Having taken the necessary precautions, it is still possible to fall victim to a ransomware attack—especially as cyber criminals become more and more sophisticated over time. If you fall victim to a ransomware attack, limiting the impact of the infection will be paramount in protecting your other systems and files. Following these steps should serve to limit the spread of the ransomware.

            • Isolate the infected system, and turn off other computers and devices. Remove the infected system from all networks, and disable the computer’s wireless, Bluetooth, and any other potential networking capabilities. Ensure all shared and networked drives are disconnected whether wired or wireless.
            • Power-off and segregate the infected computers. Power-off and segregate any other computers or devices that are in the same shared network with the infected computer that have not been fully encrypted by ransomware. Powering-off and segregating infected computers and computers that have not been fully encrypted may allow for the recovery of partially encrypted files by specialists.
            • Secure your backups. Ensure that your backup data is offline and secure. If possible, scan your backup data with an antivirus program to check that it is free of malware.
            • All users should: change all system passwords once the ransomware has been removed.
            • Working with local law enforcement and IT specialists will also serve to mitigate the damage of a ransomware attack, and may lead to potentially locating and arresting malicious actors.
            • Home users should: immediately contact your local law enforcement agency office to request assistance.
            • Organizations should: immediately report ransomware incidents to your IT helpdesk or security office And follow the incidence response process to get systems back online.

            How can I adopt good security practices?

            Looking beyond ransomware and malware attacks, the basics of internet hygiene and good security practices should always be borne in mind by computer users. Simple steps can serve to fortify your systems from cybercriminals and would-be-hackers. Practicing computer safety should be a first priority for all netizens.

            • Always use a strong password. Rotate or change your password regularly. Use a password manager to make the password management simple.
            • Always log off public computers.
            • Pay attention to browser warnings and shop smart online.
            • Use secure Wi-Fi connections at home and away.
            • Limit sharing information about yourself on social networks.

            Download files legally. Avoid downloading files like torrents from p2p file-sharing platforms. Match and verify the hash of the file content after download

            It is imperative for all computer users to take note of the risks associated with and identify possible malware links, adopting all possible precautions to prevent their computers from being infected with malware. With malware attacks on the rise globally and within India, now—more than ever—it is important to take the necessary precautions and to practice good computer hygiene to help circumvent the threat of falling prey to online attacks and the risks inherent to a cybersecurity breach. With minimal effort and common sense, organisations and individuals can avoid what are often very complicated and expensive processes of undoing a security breach and recovering corrupted databases and information.

            Initially published at – Express Computer


            Authored by Neeraj Khandelwal, Co-Founder, and Akash Mishra, Director of Security at CoinDCX

            Share
            0
            CoinDCX
            CoinDCX

            Related posts

            November 24, 2022

            Transparency – The currency of trust at CoinDCX


            Read more
            CoinDCX Regarding proof of reserves and liabilities
            November 13, 2022

            CoinDCX regarding Proof of Reserves and Liabilities


            Read more
            Our Approach Towards Consumer Protection and Risk Management
            November 10, 2022

            Our Approach Towards Consumer Protection and Risk Management


            Read more

            Recent Posts

            • 0
              Ripple Price approaching $0.5, What triggered a 7% Jump in XRP Prices?
              March 28, 2023
            • 0
              Gains Network Price Prediction 2023: This is When GNS Price May Hit $10
              March 28, 2023
            • What is Linear Finance? How To Buy LINA Token In India?0
              What is Linear Finance? How To Buy LINA Token In India?
              March 28, 2023
            • Ethereum's Vitalik Sends First Transaction as Polygon zkEVM Mainnet Beta Has Been Launched0
              Polygon Labs Launches Beta version of zkEVM Mainnet
              March 28, 2023
            • What is Gains Network Token? How To Buy GNS Token In India?0
              What is Gains Network Token? How To Buy GNS Token In India?
              March 27, 2023

            Categories


            • BTC to INR


            • ETH to INR


            • USDT to INR


            • USDC to INR


            • BNB to INR


            • BUSD to INR


            • XRP to INR


            • ADA to INR


            • SOL to INR


            • DOGE to INR


            • SHIB to INR


            • MATIC to INR


            • TRX to INR

            Invest in Bitcoin, Ethereum, & other 200+ crypto assets.
            Download the app now, register & start with as low as Rs.100
            ios download link
            android download link
            qr code for download

            COMPANY

            Security
            Blog
            About
            Careers
            Referral Program

            PRODUCT

            Margin
            Trade
            Futures
            Insta
            Convert
            Lend
            Markets
            API Documentation

            SUPPORT

            Contact Support
            Frequently Asked Questions (FAQ)
            Contact Us

            • Customer Support: s[email protected]
            • Team: [email protected]
            • Press: [email protected]

            SOCIAL LINKS

            Icon of FacebookFacebook
            Icon of FacebookTwitter
            Icon of InstagramInstagram
            Icon of TelegramTelegram
            Icon of LinkedInLinkedIn
            Icon of RedditReddit

            Logo of CoinDcx Download our Android/iOS App: CoinDCX Ⓒ All rights reserved by Primestack Pte. Ltd.

            DISCLAIMER

            The information and material contained herein are subject to change without prior notice including prices which may fluctuate based on market demand and supply. The material available on the site is proprietary to CoinDCX, its parent, Licensor and/or its affiliates and is for informational purposes and informed investors only. This material is not: (i) an offer, or solicitation of an offer, to invest in, or to buy or sell, any interests or shares, or to participate in any investment or trading strategy, or (ii) intended to provide accounting, legal, or tax advice, or investment recommendations. Note Crypto products and NFTs are unregulated and can be highly risky. There may be no regulatory recourse for any loss from such transactions.

              Visit CoinDCX
                        No results See all results
                          Go to mobile version