Ransomware and Crypto Malware
Ransomware is a type of malware that encrypts a victim’s data and then displays a ransom message to the victim demanding payment in exchange for the decryption of that data. Attackers use ransomware to extort their victims and demand payment in exchange for their data.
Victims are presented with a choice, either pay the ransom or lose their data entirely. Also, there is absolutely no guarantee that hackers will follow through and decrypt the data once they receive payment. This leaves victims in a precarious position.
The best defense against ransomware attacks is to perform regular backups. With proper backups, it won’t matter if a hacker encrypts the data, because an exact copy of that data can be restored from the backups. Backups mitigate the loss of data to the most recent backup.
Of course, there will still be a cost to recover the data. The backups will take work hours to restore and some data is bound to be lost since the time of the last backup. With proper backups, you can treat a ransomware as just another disruption, rather than a catastrophic loss of data.
Crypto malware is a form of malware that uses a target’s CPU resources to mine for crypto currency. Crypto currency mining is when a device is used to process cryptocurrency transactions. The miner is rewarded for this with a portion of the mined cryptocurrency. This is what allows cryptocurrency to function without centralized control.
Hackers want their crypto malware to operate for as long as possible to maximize the mining time. So, crypto malware tries to avoid detection from antivirus and antimalware programs. Crypto malware will incorporate masking techniques, like code rewriting, within its code.
This video is part of the CompTIA Security+ Course. This course will get you certified within one week so you can earn an $85,000 salary as a Security+ certified cyber security professional. CLICK HERE to get started.