In a post last week, I described ten reasons why ransomware – that is, computer malware that prevents users from accessing their files until they pay a ransom to some criminal enterprise – is a problem that will grow significantly in 2018.
One of the questions that I am often asked about ransomware is what are some common types of ransomware about which people should be aware. So, here are seven:
Encryption-based ransomware – sometimes known as crypto-ransomware – prevents data from being accessed by its legitimate owners by encrypting the files in which the data resides. Criminals demand a ransom in order to supply the victim with the decryption key. Many forms of encryption ransomware also threaten to delete the key – and make the files effectively lost forever – if a ransom is not paid within a certain period of time.
Encrypt and Delete Ransomware
Some ransomware encrypts files, but then progressively deletes them until a ransom is paid. Jigsaw, for example, deletes only one file in the first hour after activating, but increases its deletion rate for three days, after which, if a ransom has not been paid, all remaining files are deleted.
Locker ransomware is ransomware that locks computers, smartphones, or tablets, and prevents people from logging into their devices. It often impersonates law enforcement – for example, displaying a bogus, but official-looking, message from “the FBI” stating that the user must pay to unlock his or her device because the device was detected to have been used for illegal activity.
Some ransomware – for example CryptoLocker – has features that allow it – in addition to encrypting or locking – to collect email addresses from victims’ address books; the pilfered data is then used to spread the ransomware to others.
As I mentioned in my prior article, some variants of ransomware now steal your data and demand a ransom in exchange for not deleting or posting the pilfered information online. The now relatively-defunct ransomware known as Crysis was one such ransomware strain.
There are now strains of ransomware – for example, Cerber – that are designed to attack databases, not just files.
Ransomware that is designed to target a specific organization or person. I discussed this type of ransomware in my piece of last week.
To learn more about ransomware, please view the free webcast, Ransomware – What You Need to Know, from Microsoft’s Modern Workplace.
This post is sponsored by Microsoft.