BotNet News

Your source for Online Security News

Few cybersecurity threats have risen as dramatically and quickly as ransomware. As malware continues to evolve and become more sophisticated, it is becoming a major threat to businesses of all sizes. But how exactly does it work?

Wade Baker, collegiate associate professor of integrated security in the Department of Business Information Technology, has been on the front lines of studying this ever-growing menace. He shared some of the insights he has gained from his research.

Ransomware is malware that secretly infects your systems, attacks files, and encrypts data to prevent users from accessing them. The attackers then demand payment to decrypt and redeliver the files—often in cryptocurrency and other untraceable methods. Most experts advise against paying ransom because you may not receive the cipher keys to unlock your data. In addition, attackers often threaten to expose victims and their companies publicly.

Most types of ransomware are based on Trojans, which take advantage of vulnerabilities in applications or operating systems. The malware enters a computer or device via a link in a malicious email or through an unsecure website. Once inside the system, it takes control of a network and can disable applications and services.

From there, the cybercriminals can begin stealing and encrypting data. They also can use the compromised systems to mine cryptocurrencies, which requires computing power that can be expensive for users to run. This double extortion helps ransomware grow, as attackers can get a lot of money and keep it safe from law enforcement.