Ransomware er blevet en alvorlig trussel mod onlineverdenen i disse dage. Mange softwarefirmaer, universiteter, virksomheder og organisationer rundt om i verden forsøger at tage forholdsregler for at redde sig selv fra ransomware-angreb. De amerikanske ^(United) og^(States) canadiske regeringer har udsendt en fælles erklæring om ransomware-angreb, der opfordrer brugerne til at være opmærksomme og tage forholdsregler. For nylig den 19. maj^{(May 19)} holdt den schweiziske regering ^Ransomware Info Day^{(Ransomware Info Day)} for at udbrede bevidstheden om ransomware og dens virkninger. Ransomware i Indien er også stigende.

Microsoft har for nylig offentliggjort en data, der nævner, hvor mange maskiner (brugere) der blev påvirket af ransomware-angreb over hele verden. Det blev konstateret, at USA ^(States)var^(United) på toppen af ​​ransomware-angreb; efterfulgt af Italien^(Italy) og Canada . Her er de 20 bedste lande, der er stærkt berørt af ransomware-angreb.

Her er en detaljeret skrivning, der vil besvare de fleste af dine spørgsmål vedrørende ransomware. Dette indlæg vil tage et kig på Hvad er ransomware-angreb, typerne af ransomware, hvordan kommer ransomware på din computer og foreslår måder at håndtere ransomware på.
^{(Here is a detailed write-up that will answer most of your questions regarding ransomware. This post will take a look at What are Ransomware Attacks, the Types of ransomware, How does ransomware gets on your computer and suggests ways of dealing with ransomware.)}

Ransomware-angreb

Hvad er Ransomware

Ransomware er en type malware, der låser dine filer, data eller selve pc'en og afpresser dig penge for at give adgang. Dette er en ny måde for malware-forfattere at "samle penge ind" til deres illegitime aktiviteter på nettet.

Hvordan kommer ransomware på din computer

Du kan få ransomware, hvis du klikker på et dårligt link eller åbner en ondsindet vedhæftet fil. Dette billede fra Microsoft beskriver, hvordan ransomware-infektionen finder sted.

Ransomware ligner et uskyldigt program eller et plugin eller en e-mail med en "ren" vedhæftet fil, der bliver installeret uden brugerens viden. Så snart den får adgang til brugerens system, begynder den at sprede sig over hele systemet. Endelig, på et tidspunkt, låser ransomwaren systemet eller bestemte filer og begrænser brugeren i at få adgang til det. Nogle gange er disse filer krypteret. En ransomware-skribent kræver et vist beløb for at give adgang eller dekryptere filerne.

En falsk advarsel fra en ransomware ser ud som følger:

Men under ransomware-angrebene er der ingen garanti for, at brugerne vil få deres filer tilbage, selv efter at have betalt løsesummen. Derfor^(Hence) er det bedre at forhindre ransomware-angreb end at prøve at få dine data tilbage fra en eller anden måde. Du kan bruge RanSim Ransomware Simulator til at kontrollere, om din computer er tilstrækkeligt beskyttet.

Læs^(Read) : Hvad skal du gøre efter et Ransomware-angreb på din Windows-computer?^{(What to do after a Ransomware attack on your Windows computer?)}

Sådan identificeres ransomware-angreb

Ransomware angriber generelt de personlige data, såsom brugerens billeder, dokumenter, filer og data. Det er nemt at identificere ransomwaren^{(identify the ransomware)} . Hvis du ser en ransomware-seddel, der kræver penge for at give adgang til dine filer, eller krypterede filer, omdøbte filer, låst browser eller en låst skærm på din pc, kan du sige, at ransomware har fået fat i dit system.

Symptomerne på ransomware-angreb kan dog ændre sig i henhold til typerne af ransomware.

Læs^(Read) : Malware Tracker Maps , der lader dig se cyberangreb^{(Cyber Attacks)} i realtid.

Typer af ransomware-angreb

Tidligere plejede ransomware at vise en besked om, at brugeren har gjort noget ulovligt, og at de bliver idømt en bøde af politiet eller den offentlige myndighed på grundlag af en eller anden politik. For at slippe af med disse 'afgifter' (som bestemt var falske anklager), blev brugerne bedt om at betale disse bøder.

I dag er et ransomware-angreb på to måder. Den låser enten computerskærmen eller krypterer visse filer med en adgangskode. Baseret på disse to typer er ransomware opdelt i to typer:

1. Låseskærm ransomware
2. Kryptering ransomware.

Låseskærm ransomware^{(Lock screen ransomware)} låser dit system og kræver løsesum for at lade dig få adgang til det igen. Den anden type, nemlig Encryption ransomware , ændrer filerne i dit system og kræver penge for at dekryptere dem igen.

De andre typer ransomware er:

1. Master Boot Record (MBR) ransomware
2. Ransomware krypterer webservere
3. Android mobilenhed ransomware
4. IoT ransomware .

Her er nogle ransomware-familier og deres statistikker over angreb:

Tag også et kig på Ransomware-væksten og dens infektionsstatistikker.

Hvem kan blive påvirket af ransomware-angrebene

Det er lige meget, hvor du er, og hvilken enhed du bruger. Ransomware kan angribe hvem som helst, når som helst og hvor som helst. Ransomware-angrebene kan finde sted på enhver mobil enhed, pc eller bærbar computer, når du bruger internettet til at surfe, e-maile, arbejde eller shoppe online. Når den først har fundet en vej til din mobile enhed eller pc'en, vil den anvende dens kryptering og indtægtsgenereringsstrategier på den pc og mobilenhed.

Hvornår kan ransomware få en chance for at angribe

Så hvad er de mulige hændelser, når ransomware kan ramme?

• Hvis du browser på websteder, der ikke er tillid til
• Download eller åbning af vedhæftede filer modtaget fra ukendte e-mail-afsendere (spam-e-mails). Nogle af filtypenavnene for disse vedhæftede filer kan være (.ade, .adp , .ani , .bas , .bat , .chm , .cmd , .com , .cpl , .crt , .hlp , .ht, .hta , .inf , .ins, .isp , .job , .js, .jse , .lnk , .mda , .mdb , .mde , .mdz , .msc ,.msi , .msp , .mst , .pcd , .reg , .scr , .sct , .shs , .url , .vb^(.pif) , .vbe , .vbs , .wsc , .wsf , .wsh , , .exe .) Og også filtyper, der understøtter makroer (.doc, .xls , .docm , .xlsm , .pptm osv.)
• Installation af piratkopieret software, forældede softwareprogrammer eller operativsystemer
• At logge på en pc, der er en del af det allerede inficerede netværk

Forholdsregler mod ransomware-angreb

Den eneste grund til, at ransomware er oprettet, er fordi malware-forfatterne ser det som en nem måde at tjene penge på. Sårbarheder såsom upatchet software, forældede operativsystemer eller folks uvidenhed er gavnlige for sådanne mennesker med ondsindede og kriminelle hensigter. Derfor^(Hence) er bevidsthed^(awareness) den bedste måde at undgå angreb fra ransomware.

Her er et par trin, du kan tage for at tackle eller håndtere ransomware-angreb:

1. Windows-brugere rådede til at holde deres Windows -^(System) operativsystem opdateret. Hvis du opgraderer til Windows 10 , vil du reducere hændelserne af ransomware-angrebet maksimalt.
2. Sikkerhedskopier altid dine vigtige data på en ekstern harddisk.
3. Aktiver filhistorik eller systembeskyttelse.
4. Pas^(Beware) på phishing-e-mails, spam, og tjek e-mailen, før du klikker på den ondsindede vedhæftede fil.
5. Deaktiver indlæsning af makroer i dine Office-programmer.
6. Deaktiver din Remote Desktop -funktion, når det er muligt.
7. Brug to-faktor-godkendelse.
8. Brug en sikker og adgangskodebeskyttet internetforbindelse.
9. Undgå^(Avoid) at browse på websteder, der ofte er grobund for malware, såsom ulovlige download-websteder, websteder for voksne og gambling-websteder.
10. Installer^(Install) , brug og opdater regelmæssigt en antivirusløsning
11. Gør brug af noget godt anti-ransomware-software
12. Tag din MongoDB-sikkerhed alvorligt for at forhindre din database i at blive kapret af ransomware.

Ransomware Tracker hjælper dig med at spore, afbøde og beskytte dig selv mod malware.

Læs^(Read) : Beskyt mod og forebyg Ransomware-angreb^{(Protect against and prevent Ransomware attacks)(Protect against and prevent Ransomware attacks)} .

Selvom der er nogle tilgængelige ransomware-dekrypteringsværktøjer^{(ransomware decryptor tools)} , er det tilrådeligt, at du tager problemet med ransomware-angreb alvorligt. Det bringer ikke kun dine data i fare, men det kan også krænke dit privatliv i en sådan grad, at det også kan skade dit omdømme.

siger Microsoft ,

The number of enterprise victims being targeted by ransomware is increasing. The sensitive files are encrypted, and large amounts of money are demanded to restore the files. Due to the encryption of the files, it can be practically impossible to reverse-engineer the encryption or “crack” the files without the original encryption key – which only the attackers will have access to. The best advice for prevention is to ensure confidential, sensitive, or important files are securely backed up in a remote, unconnected backup or storage facility.

Hvis du tilfældigvis kommer ud for det uheld at blive inficeret med ransomware, kan du, hvis du ønsker det, anmelde Ransomware^{(report Ransomware)(report Ransomware)} til FBI , politiet^(Police) eller relevante myndigheder.

Læs nu om Ransomware-beskyttelse i Windows^{(Ransomware protection in Windows)} .

Ransomware Attacks, Definition, Examples, Protection, Removal

Ransomware has become a serious threat to the online world these days. Many software firms, universities, companies, and organizations around the world are trying to take precautionary measures to save themselves from ransomware attacks. The United States and Canadian governments have issued a joint statement about ransomware attacks urging users to stay alert and take precautions. Recently on May 19^th, the Swiss government observed the Ransomware Info Day, to spread awareness regarding ransomware and its effects. Ransomware in India too is on the rise.

Microsoft recently published a data mentioning how many machines (users) were affected by ransomware attacks across the world. It was found that the United States was on the top of ransomware attacks; followed by Italy and Canada. Here are the top 20 countries which are majorly affected by ransomware attacks.

Here is a detailed write-up that will answer most of your questions regarding ransomware. This post will take a look at What are Ransomware Attacks, the Types of ransomware, How does ransomware gets on your computer and suggests ways of dealing with ransomware.

Ransomware attacks

What is Ransomware

Ransomware is a type of malware that locks your files, data or the PC itself and extorts money from you in order to provide access. This is a new way for malware writers to ‘collect funds’ for their illegitimate activities on the web.

How does ransomware get on your computer

You could get ransomware if you click on a bad link or open a malicious email attachment. This image from Microsoft describes how the ransomware infection takes place.

Ransomware looks like an innocent program or a plugin or an email with a ‘clean’ looking attachment that gets installed without the user’s knowledge. As soon as it gets its access to the user’s system, it starts spreading across the system. Finally, at one point of time, the ransomware locks the system or particular files and restricts the user from accessing it. Sometimes, these files are encrypted. A ransomware writer demands a certain amount of money to provide access or decrypt the files.

A fake warning message by a ransomware looks as follows:

However, during the ransomware attacks, there is no guarantee that the users will get back their files even after paying the ransom. Hence, it is better to prevent ransomware attacks than trying to get back your data from some way or another. You may use RanSim Ransomware Simulator to check if your computer is sufficiently protected.

Read: What to do after a Ransomware attack on your Windows computer?

How to identify ransomware attacks

The ransomware generally attacks the personal data, such as user’s pictures, documents, files, and data. It is easy to identify the ransomware. If you see a ransomware note demanding money to give access to your files, or encrypted files, renamed files, locked browser or a locked screen of your PC, you can say that ransomware has got a grip on your system.

However, the symptoms of ransomware attacks can change as per the types of ransomware.

Read: Malware Tracker Maps that let you view Cyber Attacks in real-time.

Types of ransomware attacks

Earlier, ransomware used to display a message stating that the user has done something illegal and they are being fined by the police or the government agency on the basis of some policy. To get rid of these ‘charges’ (which were definitely false charges), users were asked to pay these fines.

Nowadays, a ransomware attack in two ways. It either locks the computer screen or encrypts certain files with a password. Based on these two types, the ransomware is divided into two types:

1. Lock screen ransomware
2. Encryption ransomware.

Lock screen ransomware locks your system and demands a ransom for letting you access it once again. The second type, i.e. the Encryption ransomware, changes the files in your system and demands money to decrypt them again.

The other types of ransomware are:

1. Master Boot Record (MBR) ransomware
2. Ransomware encrypting web servers
3. Android mobile device ransomware
4. IoT ransomware.

Here are some ransomware families and their statistics of attacks:

Also, take a look at the Ransomware growth and its infection statistics.

Who can be affected by the ransomware attacks

It doesn’t matter where you are and what device you are using. Ransomware can attack anybody, anytime and anywhere. The ransomware attacks can take place on any mobile device, PC or laptop when you are using the internet for surfing, emailing, working, or shopping online. Once it finds a way to your mobile device or the PC, it will employ its encryption and monetization strategies into that PC and mobile device.

When can ransomware get a chance to attack

So what are the possible events when ransomware can strike?

• If you are browsing untrusted websites
• Downloading or opening file attachments received from unknown email senders (spam emails). Some of the file extensions of these attachments can be, (.ade, .adp, .ani, .bas, .bat, .chm, .cmd, .com, .cpl, .crt, .hlp, .ht, .hta, .inf, .ins, .isp, .job, .js, .jse, .lnk, .mda, .mdb, .mde, .mdz, .msc, .msi, .msp, .mst, .pcd, .reg, .scr, .sct, .shs, .url, .vb, .vbe, .vbs, .wsc, .wsf, .wsh, .exe, .pif.) And also he file types that support macros (.doc, .xls, .docm, .xlsm, .pptm, etc.)
• Installing pirated software, outdated software programs or operating systems
• Logging into a PC that is a part of the already infected network

Precautions against ransomware attacks

The only reason ransomware is created, is because the malware writers see it as an easy way to make money. Vulnerabilities such as unpatched software, outdated operating systems or people’s ignorance is beneficial for such people with malicious and criminal intentions. Hence, awareness is the best way to avoid any attacks by ransomware.

Here are are a few steps you can take to tackle or deal with ransomware attacks:

1. Windows users advised keeping their Windows Operating System up-to-date. If you upgrade to Windows 10, you will reduce the events of the ransomware attack to the maximum extent.
2. Always back-up your important data in an external hard-drive.
3. Enable file history or system protection.
4. Beware of phishing emails, spam, and check the email before clicking the malicious attachment.
5. Disable the loading of macros in your Office programs.
6. Disable your Remote Desktop feature whenever possible.
7. Use two-factor authentication.
8. Use a safe and password-protected internet connection.
9. Avoid browsing websites that are often the breeding grounds for malware such as illegal download sites, adult sites and gambling sites.
10. Install, use, and regularly update an antivirus solution
11. Make use of some good anti-ransomware software
12. Take your MongoDB security seriously to prevent your database from being hijacked by ransomware.

The Ransomware Tracker helps you track, mitigate and protect yourself from malware.

Read: Protect against and prevent Ransomware attacks.

While there are some ransomware decryptor tools available, it is advisable that you take the problem of ransomware attacks seriously. It not only endangers your data, but it can also breach your privacy to such extent that it can harm your reputation also.

Says Microsoft,

The number of enterprise victims being targeted by ransomware is increasing. The sensitive files are encrypted, and large amounts of money are demanded to restore the files. Due to the encryption of the files, it can be practically impossible to reverse-engineer the encryption or “crack” the files without the original encryption key – which only the attackers will have access to. The best advice for prevention is to ensure confidential, sensitive, or important files are securely backed up in a remote, unconnected backup or storage facility.

If you do happen to have the misfortune of being infected with ransomware, you can if you wish, report Ransomware to FBI, Police or appropriate authorities.

Now read about Ransomware protection in Windows.

Related posts

• Aktiver og konfigurer Ransomware Protection i Windows Defender

• Sådan afbødes menneske-drevne Ransomware-angreb: Infographic

• Digital suverænitet – definition, betydning, eksempler og forklaring

• Hvad er Spear Phishing? Forklaring, eksempler, beskyttelse

• Filløse malwareangreb, beskyttelse og detektion

• Online identitetstyveri: tip til forebyggelse og beskyttelse

• Hvad er netneutralitet? Definition, fordele og ulemper, debat

• CyberGhost Immunizer hjælper med at forhindre ransomware-angreb

• Reparation af virusdefinition mislykkedes i Avast Antivirus

• Forhindre brugere i at ændre Exploit Protection i Windows Security

• Sådan udføres Windows Defender Definition Update

• Hvad er Ransom Denial of Service (RDoS)? Forebyggelse og forholdsregler

• Sådan rydder du Windows Defender Protection History i Windows 10

• Hvad er et Solid State Drive (SSD)? SSD definition

• Skal jeg rapportere Ransomware? Hvor rapporterer jeg Ransomware?

• Ransomware Response Playbook viser, hvordan man håndterer malwaren

• Hvad er firewall og netværksbeskyttelse i Windows 10, og hvordan skjules dette afsnit

• Sådan aktiverer eller deaktiverer du USB-skrivebeskyttelse på Windows 10

• Windows Defender-fejl 0x80240438, definitionsopdateringer er ikke installeret

• Hvad er Googles avancerede beskyttelsesprogram?