What you need to know about the main ways by which Ransomware Spread
Ransomware Spread is a huge problem and what’s really concerning is that it’s actually a very new form of malware. It just seems like it’s been around forever because there is so much of it. The bad news is that ransomware is currently so lucrative that cybercriminals have a huge incentive to create more of it and get it out into the wild. With that in mind, here is what you need to know about the main ways by which ransomware is spread.
Email attachments have long been a common way to spread malware. In general, spreading malware by email is a strategy that is based on quantity rather than quality. The basic idea is that if you send enough emails to enough people you will get enough victims to make it worth your while.
With ransomware spread, however, cyberattackers can go to great lengths to gain a victim’s confidence and then send them a very credible email with an attachment that looks totally legitimate.
The way to deal with this threat is to be realistic about the threat that any email which contains an attachment could, potentially, contain a virus. It doesn’t matter how much you trust the sender, anyone can make a legitimate mistake. This means that all email attachments must be scanned before they are opened no matter what and no matter how urgent someone says it is.
Malware existed long before the internet. It used to be spread on storage devices. Then networking began to offer a whole new world of possibilities for malicious actors. Now, however, cybersecurity companies have some excellent tools available to combat all sorts of malware (if people only use them) so using storage devices to spread malware is starting to make a come-back.
USB devices are affordable, easy to use, and can be passed off as legitimate promotional items. They can be made to appear empty (to an average computer user) when they are not or loaded with something which appears harmless. Basically, this last strategy is a variation of sending an email attachment.
The way to deal with the threat of USB infection is to start by limiting access to your USB ports. Then ensure that you only use either brand-new (shrink-wrapped) USB sticks or USB sticks from trusted sources and in the latter case scan them thoroughly before you use them.
For clarity, there is some great, free software available online. In fact, there is some great, free anti-malware software online. There is, however, also a lot of mediocre free software and some outright malicious free software. Then, bluntly, there is pirated software, which is notorious for being used as a way to spread malware.
The solution to ransomware infection via pirated software is very simple, don’t use it. If you can’t afford the paid version of a product, then do what you can with legitimately free products. They may have less functionality but if you choose the right products, you’ll keep yourself safe. The key to choosing safe free products is to research the developer behind them.
A lot of big-name brands produce free versions of their flagship products. This introduces the brand to people who might not be willing to pay for a product without using it for a while first. It also helps to reduce the temptation to download pirate software, which in turn reduces the motivation to pirate the software in the first place. You can also get safe, free software from smaller, niche, developers, just do your research thoroughly before you download.
There are all kinds of ways you can be infected with ransomware when you are surfing the internet, but the three most common are short-links, malvertising, and drive-by downloads.
Short-links are very convenient, but they can be used to trick victims into visiting websites they would otherwise have avoided.
Malvertising is the strategy of using paid adverts to spread malware. This typically does not spread ransomware itself. It will usually scan your computer for vulnerabilities that can then be exploited with ransomware.
Drive-by downloads are downloads that happen without the user’s knowledge.
The solution to all of these is a combination of common-sense, education, and a reputable anti-malware program with an integrated firewall.
Lack of effective data backup processes
Although this doesn’t actually spread ransomware itself, it does encourage the spread of ransomware by encouraging companies to pay the ransom, thus both financing and motivating further attacks.
These days, data backup processes have to be designed to combat the “ricochet effect”, i.e. the possibility that encrypted files will be automatically backed up, overwriting healthy files in the process.