Although ransomware has attracted considerable media attention in recent times, these types of computer system attacks go as far back as the 1990s. Ransomware attacks used to be more prevalent against business entities; however, the tide has shifted, and attacks now frequently target ordinary people.
Hackers targeting individuals even stoop as low as asking for $100 to $200 to unlock an individual’s PC, especially since ordinary people are easier targets and probably will not bother to report cases. So, since hackers have widened their scope of attack to every computer vertical, how can businesses and individuals really mitigate the effects of ransomware attacks?
What is Ransomware?
To backtrack a bit, ransomware is essentially a computer attack that focuses on extortion rather than unleashing total destruction or sabotage. In practice, unethical hackers conspire to deprive a computer network of vital functions, data, or capabilities, then promise to give back control without harming the system if a specified ransom is paid.
Since the 90s, ransomware has evolved beyond malware capable of encrypting file names to also include encryption with private keys stored on cybercriminals’ servers. As such, even when a user removes the malware, they still won’t be able to recover any of the infected files, leaving them with only the option of paying the ransom.
Unfortunately, over the past decade alone, ransomware attackers have extorted payments of millions of dollars of untaxed revenue, mainly via Bitcoin. In some instances, even when the victim duly pays up, there is no guarantee that their data will be fully restored, or that it’s not already being exploited for other nefarious purposes on the Dark Web.
An example is the 2017 “WannaCry” ransomware attack, a nightmare scenario that affected thousands of computers worldwide, later mutating into other variants like Bad Rabbit, Cryptolocker, NotPetya, and SamSam.
How Ransomware Can Get Onto Your Computer
Generally, most existing ransomware variants encrypt files on the infected system (crypto-ransomware), though others erase files or deny access to the system (locker ransomware). Once access to the computer system is blocked, a ransom is demanded in order to unlock the files, usually starting from $200 – $3,000 in Bitcoins or even gift cards. Typically, hackers leave a ransom note with their contact details and instructions on how to pay the ransom.
Furthermore, ransomware variants are opportunistic and target victims through an array of devices, from computers to smartphones. Ransomware can also block access to files on drives ‘mapped’ to user devices, such as external HDDs, USB thumb drives, and folders in the cloud or on the network.
The most common way ransomware ends up on computers is through malicious emails that contain malicious attachments and scripts sent to unsuspecting individuals. So, if the individuals open the email, their computer or network automatically gets infected with malicious code.
The second common way PCs get infiltrated by ransomware is via social engineering. In practice, this occurs when someone reading an email or post on an infected website is persuaded to click a link that looks legitimate.
Relatedly, malvertising is used by hackers who craft bogus ads on the internet, and through these ads, a malicious script is subtly transmitted to the victim’s computer in a repetitive process, until the infection is relayed to other clean networks and PCs.
What Are the Threats From Ransomware?
Generally speaking, ransomware attacks are painfully costly in terms of money and can lead to hardware failure, human error, and even power failure.
Typically, cybercriminals ask for fees that range from 0.3 to 1 Bitcoin. However, some hackers can demand as much as 10 Bitcoins, bringing CEOs and their organizations to their knees. Unfortunately, paying hackers a ransom also makes them more dangerous and greedier, as they can choose to repeatedly target your business. Furthermore, ransom payments can be used to expand a hacker’s unethical operations and activities to other victims.
Recently, a large ransomware attack hit 200 U.S. firms and hundreds more globally, with the Russian group that claimed responsibility demanding upwards of $70 million in Bitcoin to restore the organizations’ data. Similarly, a Russian ransomware group called REvil allegedly extorted $11 million from the world’s biggest meat processor, JBS, in turn wiping out 20% of the U.S.’s beef production capacity.
How to Mitigate Ransomware Risk With a Cloud Desktop?
For the most part, cybercriminals tend to leverage the information of victims found publicly on the internet and social media, then embark on attacks to exploit known vulnerabilities in Windows drivers and unsecured remote desktop protocols.
Even if you can afford to continuously pay ransoms, it’s never a permanent solution, as there is no guarantee that the hackers will always fully restore your files.
So, while it’s sometimes impossible to stop ransomware attacks entirely, there are some steps one can take to protect themselves. These include regularly backing up files, having updated antivirus software, and keeping applications updated with security patches.
However, despite these commendable steps, there is always a chance that you can still be infected by ransomware. To make matters worse, even your backups can still be infected, putting you in a nightmare situation.
One very effective solution to mitigate ransomware attacks is to employ cloud desktops, which are essentially ‘virtual computers’. Cloud desktops that operate as Desktop-as-a-Service (DaaS) offer different features that help dramatically lessen the effects of ransomware, such as daily snapshots that create a full backup of one’s entire Virtual Desktop Infrastructure (VDI), including their files and the operating system.
In practice, snapshots serve as the ejection seat of the disaster recovery plan for one’s business, as they are a complete system backup of a computer, separated from the primary disk image. So, if disaster strikes and the malware infects all the computer systems and everything is encrypted, you can simply revert to a previous snapshot. Because this operation is typically performed at the hypervisor level, it is immune from ransomware attacks.
Over the last two decades, ransomware has been lucrative for cybercriminals and continues to be a chronic problem for individuals and businesses. With that being said, instituting mechanisms to mitigate ransomware attacks is something companies should not take lightly.
As alluded to earlier, adopting cloud desktops is a viable way to protect against ransomware. Cloud desktop services like V2 Cloud have state-of-the-art mechanisms in place to take daily snapshots that can be employed in case of a ransomware attack to completely restore one’s files with just a few clicks.