The Most Discussed Malware in 2016

Sanjay Katkar, MD & CTO, Quick Heal Technologies Limited
Tuesday, December 27, 2016
Headquartered in Pune, Quick Heal Technologies is a leading IT security solutions provider. Its solutions are well-integrated systems that simplify IT security management across the length and depth of devices and on multiple platforms.

Ransomware either locks an infected computer or encrypts all the files on the system. The objective is to demand a ransom from the victim for releasing the system or for decrypting the files. Ransomware is becoming a serious security threat to the data and devices of individuals and enterprises alike. Its variants are constantly on the rise and are more advanced and complex in nature. Ransomware is usually delivered through exploit kits and spam emails. Victims are sent fake and devious emails loaded with attachments that contain ransomware. The spam emails carry either malicious document files that install the malware, or the malware itself inside a ZIP file. Visiting compromised and infected websites can also infect the user's system with ransomware.
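As an added example (not part of the original article), here is one way a mail gateway could triage the ZIP attachments described above before delivery. The function names, extension lists and sample archive are assumptions constructed for illustration.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Assumed, illustrative extension lists (not from the article); tune for your gateway.
EXECUTABLE_EXTS = {".exe", ".scr", ".js", ".jse", ".vbs", ".wsf", ".hta", ".bat", ".cmd", ".lnk"}
MACRO_DOC_EXTS = {".docm", ".xlsm", ".pptm", ".dotm"}
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}


def inspect_zip_attachment(data: bytes) -> list[tuple[str, str]]:
    """Return (member name, reason) for every risky member of a ZIP attachment."""
    findings = []
    try:
        archive = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return [("<archive>", "not a valid ZIP; quarantine for manual review")]
    with archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            suffixes = [s.lower() for s in PurePosixPath(info.filename).suffixes]
            last = suffixes[-1] if suffixes else ""
            if info.flag_bits & 0x1:  # bit 0 of the general-purpose flags marks encryption
                findings.append((info.filename, "encrypted member; content cannot be scanned"))
            if last in EXECUTABLE_EXTS:
                if len(suffixes) > 1 and suffixes[-2] in DECOY_EXTS:
                    findings.append((info.filename, "executable hidden behind a document extension"))
                else:
                    findings.append((info.filename, "executable or script file"))
            elif last in MACRO_DOC_EXTS:
                findings.append((info.filename, "macro-enabled Office document"))
    return findings


def build_sample_zip() -> bytes:
    """Constructed sample: harmless placeholder bytes stored under suspicious names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("invoice.pdf.exe", b"placeholder")
        z.writestr("statement.docm", b"placeholder")
        z.writestr("readme.txt", b"placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    for name, reason in inspect_zip_attachment(build_sample_zip()):
        print(f"{name}: {reason}")
```

A name-based check like this only narrows what reaches the inbox; flagged archives still need content scanning by the antivirus engine.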

As much as the advent of Internet banking has made life easier for users, it has also presented an opportunity for cyber criminals. Users should be extra careful with their passwords and while transacting online. They should transact only through authentic and verified networks and not through public Wi-Fi. Saving passwords on phones should be avoided, as mobile phones and handheld devices are also at huge risk, and people have now started taking cognizance of this fact. It is highly critical to secure mobile phones with a robust antivirus solution.

All industries are equally vulnerable to ransomware attacks, with banking being the most lucrative one for attackers when monetary gain is the only focus. Banking malware is going to be a concern in the coming days for security experts and, more importantly, for users of mobile Internet banking. With almost all banks developing dedicated apps for banking, hackers are going to leverage this as a lucrative opportunity to trick users and generate illegitimate cash to further fuel their nefarious intentions. The thriving social networking sites have also not been able to shield themselves against the burgeoning ransomware and malware attacks. People are very likely to fall for these attacks when they come from a post that looks quite simple and is shared by a friend connected on the site. With millions of users and an expanding user base, social networking sites have become a fairly popular breeding ground for malicious phishing attacks.

Ransomware can infiltrate a device in several ways, including visiting an infected website, clicking on a malicious link, opening an infected email attachment, using an infected USB drive, or through unpatched security vulnerabilities. Users can come across any of these; hence, one needs to be aware of this growing menace and alert enough to identify any malicious email or attachment as possible ransomware. Installing a robust antivirus solution with inbuilt intelligence for identifying and preventing ransomware infections is a precaution that the user can take to prevent the damage. A user should look for a few important features while installing an antivirus solution, such as proactive monitoring of new infections, a behavior-based detection engine, and notification on detection of ransomware. The antivirus should also be able to block phishing emails and phishing websites. For the user, it is very important to adopt certain practices to prevent loss of data.

The main reason ransomware is a hard nut to crack is the technology it uses to encrypt files. Primitive ransomware families used an encryption method that was relatively easy to break. Modern ransomware, however, uses a more complex method to encrypt the victim's files. Here, the criminals hold two things: a public key for encrypting the files and a private key for decrypting them. It is the private key that a victim needs to buy in order to decrypt the files. Without this key, decryption is impossible.