Definitions

Ransomware is

  • [a] form of malware that restricts access to a device unless the victim pays to have it unlocked.[1]
  • [a] malicious form of software that locks your computer or files and requires you to pay money to get the decryption code to unlock your files or device.[2]
  • a type of malware which restricts access to the computer system that it infects, and demands a ransom be paid in order for the restriction to be removed.[3]
  • a type of malware (malicious software) distinct from other malware; its defining characteristic is that it attempts to deny access to a user's data, usually by encrypting the data with a key known only to the hacker who deployed the malware, until a ransom is paid. After the user's data is encrypted, the ransomware directs the user to pay the ransom to the hacker (usually in a cryptocurrency, such as Bitcoin) in order to receive a decryption key. However, hackers may deploy ransomware that also destroys or exfiltrates data, or ransomware in conjunction with other malware that does so.[4]
  • a form of malware that targets your critical data and systems for the purpose of extortion.[5]

Overview

Ransomware typically propagates as a conventional computer worm, entering a system through, for example, a vulnerability in a network service or an e-mail attachment. It may then:

In both cases, the malware may extort by:

  • Prompting the user to enter a code obtainable only after wiring payment to the attacker or sending an SMS message and accruing a charge.
  • Urging the user to buy a decryption or removal tool.

More sophisticated ransomware may use hybrid encryption: it encrypts the victim's plaintext with a random symmetric key, and encrypts that symmetric key with a fixed public key. The malware author is the only party that knows the private key needed for decryption. The author who carries out this cryptoviral extortion attack offers to recover the symmetric key for a fee.

Ransomware is illegal under the Computer Fraud and Abuse Act.[6]

FBI Recommendations to stop ransomware attacks

The FBI recommends users consider implementing the following prevention and continuity measures to lessen the risk of a successful ransomware attack.

Additional considerations for businesses include the following:

Specific Ransomware

Ransomware includes the following:

References

  1. Cybersecurity in the Golden State, Security Breach, Malware.
  2. Cybersecurity A Primer for State Utility Regulators, App. B.
  3. Digital Currencies: Response to the Call for Information, at 11 n.1.
  4. FACT SHEET: Ransomware and HIPAA, at 1.
  5. How to Protect Your Networks from Ransomware, at 2.
  6. Cybersecurity: Selected Issues for the 115th Congress, at 3.

This page uses Creative Commons Licensed content from Wikipedia.