e-InnoSec team recently completed a 6-part series that guides organizations with leveraging GDPR preparation for CCPA. Here are the links for that series.
We wish to address the problem faced by small organizations because of Malware/Ransomware.
We will briefly address the do’s and don’ts for organizations to follow. We will also breakdown Malware in four parts.
- Part I- How do I get malware?
- Part II – Different types of malware
- Part III – How can I tell if I have a malware infection?
- Part IV – How to protect against malware?
Malware, or “malicious software,” is an umbrella term that describes any malicious program or code or any piece of software that was written with the intent of damaging devices, stealing data, and generally causing a mess.
Ransomware is a type of malicious software, or malware, designed to deny access to a computer system or data until a ransom is paid. Ransomware typically spreads through phishing emails or by unknowingly visiting an infected website. Ransomware can be devastating to an individual or an organization. This kind of malware typically locks down your computer and your files and threatens to erase everything unless you pay a ransom. The brief about different types of ransomware:
- Cryptolocker – Cryptolocker is known for encrypting the user’s files and requires a payment later to open it.
- Locker Ransomware – Locker is similar to a crypto locker. If a crypto locker encrypts the files, lockers ransomware locks the files to deny access to the user and demands a ransom to restore the files.
- Bad Rabbit – Bad Rabbit is a dangerous malware because it encrypts not just the files but also the computer’s hard disk. It also prevents Windows from booting normally.
- Zcryptor – A self-replicating malware that infects the computer and the USB drive, and spreads through spam or deceptive software installer.
- Jigsaw – Jigsaw is capable of encrypting and deleting files. It encrypts the files first and deletes it after an hour if the user fails to pay the ransom.
- Petya – This is another dangerous ransomware example that can destroy the operating system by overwriting the original data. Petya infects the entire computer system.
The next question is “How do I get malware?”
|People||Malware attacks would not work without the most important ingredient: you; willing to open up an email attachment you don’t recognize, or to click and install something from an untrustworthy source.|
|Internet and Email||The Internet and email are the two most common ways that malware accesses your system.|
|Internet||Anytime you are connected to internet there is risk of malware infection. Any time you download information from internet there is chance of malware infection in absence of anti-malware security software.|
|Websites,||Playing demos of games, downloading infected music file, surfing through hacked websites, install new toolbars from an unfamiliar provider, or opening a malicious email attachment can cause malware to penetrate into your computer systems.|
|Install or Download program||Malicious apps can hide in seemingly legitimate applications, especially when they are downloaded from websites or messages instead of a secure app store.|
|Permission to Access Data||Check the warning messages when installing applications, especially if they seek permission to access your email or other personal information.|
|Third Party Apps||Installing mobile apps from unknown third parties. The trusted source for mobile app is downloading app directly from vendors.|
|Free Offers||The bad actors out there, throw tainted bait at you with an offer for an Internet accelerator, new download manager, hard disk drive cleaner, or an alternative web search service.|
|Extra Component||This extra software, also known as a potentially unwanted program, is often presented as a necessary component, but it often isn’t.|
|Social Engineering||Use of social engineering to trick you in clicking or installing software or opting for free offers.|
|Malicious Websites||It’s even possible that just visiting a malicious website and viewing an infected page and/or banner ad will result in a drive-by malware download.|