In the late 1980s, "PC Cyborg" came demanding $189 by mail. Thankfully, this attack was fairly simple and easy to reverse. Over the next 10 years, more serious ransomware threats began to appear, like "GpCode" and "WinLock". The answer to how ransomware works depend on the type of ransomware. For example, "crypto locking" malware locks files with strong encryption. Specifically, the criminal holds files hostage and offers to give the encryption key in exchange for payment.
Types of Attacks
Scareware is a malware tactic that scares you into downloading a piece of malware that encrypts data but claims to be a nice agency noticing bad software on your computer and can remove it. Then, there are tech support scams that claim to be Microsoft wanting to fix your computer.
Screen lockers infect the operating system and lock you out of devices. Then the scammer blocks you from accessing any files.
Encrypting (crypto lockers)
Among the most dangerous and prevalent, this is when the malware encrypts your files, folders, and hard drives.
Doxing is when someone publishes private or identifying information about a person on the internet with malicious intent. Similarly, doxware is when a cybercriminal threatens to publish stolen sensitive data online unless you pay.
Ransomware-as-a-service (RaaS) is a service where cybercriminals sell ransomware to people who can't create it themselves.
Ransomware on mobile devices
Finally, Criminals infect the phone and steal data before demanding payment in exchange. An example of this form would be social engineering on social media.
Undoubtedly, the largest target of ransomware attacks is small to medium-sized businesses (SMBs). They tend to have the least protections in place while needing data faster should it get taken.
Common targets for ransomware attacks include windows endpoint systems (employees’ PCs), software-as-a-service applications, data repositories, and databases. Not sure if your company is fully protected, click here.