What is ransomware?

Table of Contents

Ransomware - definition of the term

The term "ransomware" refers to malware. The word ransom means "ransom". The word "commodity" denotes various types of computer programs (usually software, malware, etc.)

The danger for every system

This malware can become an expensive affair to restore systems. Repairing the damage caused usually requires a lot of human and financial resources. Especially when business operations come to a standstill as a result of the attack, such an infestation with ransomware can quickly threaten the existence of a company.

In addition, in most cases the blackmailer demands a “ransom”.

The ransom is due in order to regain access to the data or systems. If the data has not been fully backed up or if the backups made are also encrypted, it may be necessary to pay the demanded ransom. This should usually be paid in bitcoins.

What is a crypto trojan or ransomware trojan?

Ransomware is malware, also known as crypto trojans or extortion trojans in the German public, which uses cryptographic methods to encrypt a user's files and thus deny him access to them, sometimes even to the entire file Computer system and the connected network.

In the last six years in particular, there has been a sharp increase in attacks with ransomware.

In the meantime, a separate business model has been formed under the keyword Malware-as-a-Service. Currently, e.g. The Emotet malware, for example, poses a major threat.

Even visiting an infected website or opening file attachments can lead to those affected becoming infected with the ransomware.

You think your IT is secure?
Get certainty with our penetration testing!
Inquire now

Infection with ransomware

Infection with ransomware usually takes place via a Trojan attached to a file. A classic gateway is an email attachment in the form of an Office document that is opened by the user or a link in the email to download a file.

Other possible gateways are infected websites to which victims of ransomware are directed or prepared devices such as USB devices (USB sticks, mice, keyboards) and memory cards.

Technically advanced variants such as the "WannaCry worm" or "Emotet" can continue to spread independently in the network after the initial infection, even without user interaction.

When infecting a computer, the Trojan sometimes disguises itself as an obvious and useful application for the user.

Prevention is the best defense against ransomware

The basic protective measures against ransomware are firewalls and antivirus programs. However, these alone cannot prevent infection with malware.

Organizations that want to protect themselves from the dangers of ransomware and other malware should conduct regular penetration tests, in which the organization, networks and systems are checked for potential security gaps and vulnerabilities through which infection can occur.

For example, as part of a vulnerability analysis, professional penetration testers check whether the existing security precautions are configured and used correctly. Whether the software used is up-to-date and secure and whether employees and those responsible are being tricked into opening e-mail attachments or divulging their log-in data by fake e-mails (phishing).

Anyone who wants to rule out or minimize risks for their company or organization should therefore have their own IT security tested regularly through external and internal audits.

Would you like an objective assessment of your system?
Contact us now

If you got caught...

If you discover that your computer is infected, you should immediately disconnect it from the network, but not shut down the system. Immediately contact IT security contacts who can assist you in investigating, preventing, and remediating the infestation. As a result, reporting it to the police can make sense; for this purpose, the so-called ZACs (central contact point for cybercrime) of the respective federal states.

IT security specialists help with decryption and future prevention of future incidents

Newsletter Form

Become a Cyber ​​Security Insider

Get early access and exclusive content!


OTHER CONTRIBUTIONS

Table of Contents

PSN_KU_Cover
NewsLetter Form Pop Up New

Become a Cyber ​​Security Insider

Subscribe to our knowledge base and get:

Early access to new blog posts
Exclusive content
Regular updates on industry trends and best practices


Please accept the cookies at the bottom of this page to be able to submit the form!