StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Preventing and Removal of Ransomware - Essay Example

Cite this document
Summary
The paper "Preventing and Removal of Ransomware" asserts that Any user should back up their files as a precaution not to lose the important files in case of any attacks. These precautions are vital in avoiding paying the attackers and making their money laundering business lucrative…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER96.4% of users find it useful
Preventing and Removal of Ransomware
Read Text Preview

Extract of sample "Preventing and Removal of Ransomware"

Ransomware Introduction In the computer virology, there are numerous scientific researchers investigating other malware programs such as Trojan, spyware and worms. The recent cyber threat in a computer system is ransomware also known as cryptovirus. Ransomware is a virtual extortion that uses data encryption, Trojan destruction threat and lockout of the user. The ransomware draws attention in the information systems security researchers and security. The Ransomware causes the users a lot of money and damages to the stored information. Latest Ransomware causes loss of information if there is no backup information and does not pay the ransom. Ransomware is a threat due to inability to recover information from the infected computer. Ransomware is a hijacking threat in the computer system using encryption technology to limit or prevent the user’s access to their system. The Three types of ransomware include encrypting malware, lock-screen viruses and scareware. The ransomware make be in the form of police blocking computer access or FBI virus while others use pornographic images to embarrass the victim. The victims of this malware are usually internet users though hijacking of their user files. It often requires the user to pay ransom to the malware creator before removing the restriction. The attacker may seize the files or computer until the user pays the ransom to online currency accounts such as Webmoney or eGold. The attacks using ransomware are becoming more sophisticated and refined in algorithm posing great challenges to data protection. We will consider the history of ransomware, how ransomware functions in this article. Besides, the paper discusses the reason behind its fast growth, how to prevent it or fix the computer after infection. The increase in the use of ransomware since the formation of the first one raises the question of why they are becoming more prominent. The ransomware is likely to evolve further with the current ones having the ability to encrypt and lock the files. The latest actions of the ransomware ensure the damage they cause continues even after removal without paying the ransom money. History of ransomware As the technology evolves, the malware also evolves in many ways to thrive (Elisan & Hypponen, 2013). . Ransomware has changed over time since the first case in the infection methods, directives and persistence. The early cases of ransomware were benign and easy to remove. However, the new strains are more persistent and pose great threats. The first ransomware is PC Cyborg in 1989 that claimed expiry of license to a software and needed a payment of $189 to unlock. It encrypted all directories in C disk producing an error message to most commands. The program also protected the software from unauthorized use and during leasing of the program of PC Cyborg Corporation. The PC Cyborg is the first encryption malware. The ransomware extortion became prominent in 2005 and afterward used sophisticated RSA encryption scheme. The first infections of this ransomware mainly affected people in Russia but later spread to other countries due to profitability and popularity. The malware only left password-protected files in the user system. The first ransomware created a notepad as a ransom note to the user for $300 in exchange to retrieve the files. The ransomware at this initial stage encrypted only particular type of files. There was the first report of SMS ransomware in 2011. It required users of the infected computer to dial certain numbers. The computer displayed the ransom page until the user paid by dialling the number. The spread of ransomware was throughout Europe, The United States and Canada by 2012. The ransom pages showed the local police instead of the original ransomware display also referred to as Reveton. Those in the US received ones showing FBI while those in France showed Gendarmerie Nationale. The ransomware returned to prominence in 2013 through the propagation of the CryptoLocker. The name CryptoLocker originates from the ransomware ability to encrypt and lock at the same time. The attackers used Bitcoin digital currency in collecting the ransom money from the victims. The malware mainly targeted the users having Microsoft windows on the internet. The attackers mainly threatened to delete private keys if the deadline passes without paying ransom fees. The malware formed a great threat due to its ability to leave the files encrypted even after removal. The ability to encrypt the files besides locking them like in the early version made it harder to deal with than the previous versions. The malware forced the majority of the victims to pay the ransom causing great profitability to the attackers. The most recent is CryptoWall 3.0 that has powerful encryption Trojan since January 2015 (McDermott, 2015). How ransomware work The motive of the attacker determines the nature of the ransomware, but all have codes to hijack and control the computer. Ransomware exploits the vulnerability of the system, takes control of the computer and encrypts the files. The attacker usually reaches the computer through exposed system vulnerabilities. The attacker’s interest is in specific types of files with extension names that are of great importance to the user. The attacker then encrypts the files making them impossible to access. In the encryption process, the attacker may first compress the files to password-protected zip package and delete the original files. Some attackers may encrypt each file and delete the original and I some cases the attacker moves the files to create a pseudophase to deceive the victim. Moving the files and creating pseudophase has the least damage to the files (Gupta & Sharma, 2009). In an enterprise system, successful attacks lead to the encryption of data that the attacker only releases through decryption after payment of ransom. Encryption of these data is usually by use of sophisticated algorithms. Notification to the user is through the striking message that has specific instructions on how to pay the ransom money. The text file or window pop-up is usually in the folder of encrypted files. In some scenarios, the ransomware may lock the screen and prevent the victim from accessing the system. However, in other cases, the ransomware locks the important files until the victim pays the ransom. Ransomware use is growing fast The increasing advancement in technology plays a great role in increasing growth and spread of ransomware. The availability of online currencies drives the proliferation of this criminal activity. The systems make the attackers anonymous that are vital in the extortion systems. The combination of these systems makes tracing the attackers through the payment methods very hard. The virtual currency also like Bitcoin that is decentralized makes very hard to track the attackers. The advanced methods of encryption make the data the data hard to retrieve without the decryption codes from the attacker. Besides, the sharing of data through networks and internet makes the spread of ransomware very easy. The increasing profitability for attackers and popularity of ransomware makes it spread fast. Most of the money launders who are willing to make millions will make the malware and extort money from their victims. The reason behind these profits is ransomware’s ability to infect many computers within a short period. Besides, the malware does not give the victim alternatives since the data encrypted are usually very important. Due to these characteristics, most of the victims pay ransom making it lucrative for the attackers (Europol, 2014). Preventing and removal of ransomware There are some precautions that computer user need to take in preventing infection from the ransomware or need to pay the ransom. The first precaution requires the user to back up important data in a separate location. In the prevention of an attack, the user should bookmark the favorite sites. Bookmarking is important due to the ability of the attackers to add malicious codes to URLs directing the user to downloading the malware. The second means is verification of the e-mail sources before opening attached links or items. Some of the attackers may send the email with links that direct the user to download the malware. Another way to prevent these attacks is updating security software. The software functions through prevention of access to malicious sites and clearing any ransomware in the system. The user should also not click on the ads from untrustworthy companies (Reynolds, 2014). One of the ways to fix the computer after the infection is through payment of ransom although it is not advisable. This method prevents loss of sensitive data seized by the attacker. Removal of ransomware usually requires additional software downloaded on another computer and transferred to USB disk. The security software also can remove ransomware from the system. In using the software, there is a need to reboot and start up in safe mode. Each application has specific instructions displayed on the screen. Another way to clear the ransomware is starting the computer in safe mode then restoring the system without deleting the document. However, in both cases the user may not regain encrypted files by the ransomware without paying the ransom. Recommendation Any user should back up their files as a precaution not to lose the important files in case of any attacks. These precautions are vital in avoiding paying the attackers and making their money laundering business lucrative. Due to the rising cases of attacks any computer user should take preventive measure while on the internet including not clicking untrustworthy ads and confirming e-mail. The computer user should also take preventive measures such as updating security software to limit attacks. The victim should avoid paying ransom unless it is necessary due to the importance of the files. I believe a ransom encourages further attacks to computer users and such action should be the last resort. References Elisan, C. C., & Hypponen, M. (2013). Malware, rootkits & botnets: A beginners guide. New York: McGraw-Hill. Europol. (2014). Police Ransomware Threat Assessment. Europol Public Information. Web. June 30, 2015. Retrieved from: https://www.europol.europa.eu/sites/default/files/publications/policeransomware-threatassessment.pdf Gupta, J. N. D., & Sharma, S. K. (2009). Handbook of research on information security and assurance. Hershey, PA: Information Science Reference McDermott, I. E. (2015). Ransomware. Online Searcher, 39(3), 35-37. Reynolds, G. (2014). Ethics in Information Technology. Boston: Cengage Learning Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Ransomware Research Paper Example | Topics and Well Written Essays - 1500 words”, n.d.)
Retrieved from https://studentshare.org/information-technology/1699641-ransomware
(Ransomware Research Paper Example | Topics and Well Written Essays - 1500 Words)
https://studentshare.org/information-technology/1699641-ransomware.
“Ransomware Research Paper Example | Topics and Well Written Essays - 1500 Words”, n.d. https://studentshare.org/information-technology/1699641-ransomware.
  • Cited: 1 times

CHECK THESE SAMPLES OF Preventing and Removal of Ransomware

Mountaintop Removal Coal Mining

Mountaintop removal coal mining is the mining of coal on steep terrains or mountain tops.... hellip; Mountaintop removal coal mining method tends to produce a lot of waste which is usually dumped in the nearby valleys, leading to blockage of streams and pollution of the water ways.... The damage that has been caused by the mountaintop removal coal mining method on the water bodies, the wildlife and the forest cover around the Central Appalachian mountaintops has led to a disrupted ecosystem (Perks 2)....
8 Pages (2000 words) Essay

Indwelling Catheter Removal Protocols

One of the suggestions for targeting this type of indwelling catheter usage by much of the research is to implement specific protocol which relates to the use and removal of the catheter.... Overall, the results from this suggest ‘positive results' (p17) which again highlights the importance of nurses in the use and removal of these catheter types.... Schnieder (2012) also highlights the importance of educating nurses in the use and timely removal of indwelling catheters in the prevention of UTIs....
4 Pages (1000 words) Research Paper

Land, Growth, and Justice: The Removal of the Cherokees

Land, Growth, and Justice: The removal of the Cherokees Introduction “Discovering the American Past” was written by William Bruce Wheeler starring Susan D.... The main point of focus under the topic is the removal of the Cherokees from their native land in the US by various forces.... The following are the Cherokees source; the removal of Cherokees from their original homeland by the army as directed by their commander (pg 176).... After the removal of the Cherokees from their lands by the soldiers, the whites used to celebrate as they took over their possessions....
4 Pages (1000 words) Essay

Ransomware

Certain types of ransomware apply a password lock to the files of the victim's computer system while certain of them completely lock the entire system and coerce the user into paying ransom.... hellip; The term ransomware is used to refer to a classification of malware which limits the usage of a user's computer system by attacking it and coerces the user to pay certain amount of ransom to the developer of that particular malware if the user wants the malware to be removed and wants to reuse his system (Viega, 2009, p....
3 Pages (750 words) Research Paper

Preventive pregnancy versus abortions

Preventive Pregnancy versus Abortions Jatoria Little Armstrong Atlantic State University Preventing Pregnancy versus Abortions “Abortion is the termination of pregnancy before the viability of the fetus or embryo from the uterus by expulsion or removal” according to Templeton and Grimes (2011, p.... Despite the fact that many American women already use contraceptives for preventing unwanted pregnancies, improving the use of contraceptives in the country through this policy will certainly help reduce abortion in the country....
3 Pages (750 words) Research Paper

The removal of children from their abusive home

This paper shall discuss the removal of children from their abusive homes, and the benefits and the negative impacts of such removal.... She mentions that the removal would initially benefit the child by taking such child away from the abuse and from the usual trauma that the child is exposed to at home....
5 Pages (1250 words) Essay

The importance of Ethics to Sustainable Growth in Engineering Enterprise

ransomware has emerged to be a source of threat both to individuals and organizations.... Teer, Kruck & Kruck (2007) notes that ransomware perpetrators are able to victimize the internet users and organizations by hijacking the files stored, encrypting them before demanding payment in exchange for the decryption key....
5 Pages (1250 words) Essay

The Complication of Removal Implants Prosthetics

This research "The Complication of removal Implants Prosthetics" will discuss the advantages and complications that are related to removable implant prosthetics compared to the fixed types.... The writer would specifically describe advantages of removal implants over fixed implant prosthesis....
9 Pages (2250 words) Research Paper
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us