Defending Against Crypto-Ransomware Guide

Ransomware is one of the fastest-growing classes of malicious software. In recent years, ransomware has evolved from a simple lock screen with the ransom demand into far more dangerous variants, such as crypto-ransomware.

1. What Is Crypto-Ransomware

Unlike traditional malware, crypto-ransomware doesn’t steal information. Instead, it encrypts a victim’s documents, spreadsheets, pictures, videos and other files, and then demands a ransom to unlock the encrypted files — a form of digital blackmail. The ransom amount varies, from $150–$500 for an individual to thousands of dollars for an organization. The payment goes through systems that are hard to trace, such as wire transfers, premium-rate text messages, pre-paid voucher services like Paysafecard, or the digital currency Bitcoin. While ransomware attacks have been around for years, security experts say they’ve become far more dangerous recently because of advances in encryption and other technologies. A crypto-ransomware attack can take hostage not only data stored on a company’s individual computers, but also the files on its servers and cloud-based file-sharing systems — leading to financial losses, stopping business in its tracks and potentially damaging the organization’s reputation. According to a report prepared by the Cyber Threat Alliance (CTA), CryptoWall version 3.0 alone has already cost victims $325 million.

2. How Ransomware Is Delivered to a User’s Computer

Criminals use many different methods to propagate crypto-ransomware, including the following:

  • E-mail attachments containing malware or malicious macros
  • Infected disks or malvertising
  • Drive-by downloads that exploit redirects and software vulnerabilities

3. Stages of Crypto-Ransomware Infection

Crypto-ransomware infection typically consists of the following steps:

  1. Break-in
  2. Installation
  3. Encryption key generation
  4. Data encryption
  5. Extortion

4. Best Practices to Apply Immediately

Discover specific measures to prevent infection immediately and other useful information on ransomware in our ultimate Defending Against Crypto-Ransomware Guide.


Jeff is a Director of Global Solutions Engineering at Netwrix. He is a long-time Netwrix blogger, speaker, and presenter. In the Netwrix blog, Jeff shares lifehacks, tips and tricks that can dramatically improve your system administration experience.