What is ransomware?
Ransomware is a type of malicious software (malware) that infects computers, encrypts user data, and restricts access to systems until a ransom is paid to the attacker. It commonly spreads via phishing emails or malicious links, often demanding payment in cryptocurrency for a decryption key to restore files.
What is malware?
Malware, or malicious software, is software designed to damage, exploit, or gain unauthorized access to systems. Major types include viruses, worms, Trojan horses, ransomware, spyware, adware, rootkits, and botnets. They differ in how they spread, for example by self-replication (worms) or by disguising themselves as legitimate files (Trojans), and in what they aim to do: steal data, hold files for ransom, or hijack resources.
How many types of malware are there?
- Worm: Self-replicates and spreads independently across networks, exploiting vulnerabilities.
- Trojan Horse: Disguises itself as legitimate software to trick users into installing it, creating backdoors.
- Ransomware: Encrypts user data and demands payment for the decryption key.
- Spyware: Secretly collects information about user activity.
- Adware: Automatically renders unwanted, intrusive advertisements.
- Rootkit: Designed to provide privileged, administrator-level access to a computer while hiding its presence.
- Botnet: A network of infected, compromised computers ("bots") controlled as a group for attacks like DDoS.
- Keylogger: Records keystrokes to steal passwords and sensitive data.
- Cryptojacking: Hijacks device resources to mine cryptocurrency without consent.
- Logic Bomb: Code inserted into a system that triggers a malicious action when specific conditions are met.
How to defend against cyberattacks
Defend against cyberattacks by adopting strong cyber hygiene: use unique, complex passwords with a password manager, enable multi-factor authentication (MFA), and keep all software and operating systems updated. Protect data by backing up files regularly, using antivirus software, and exercising caution against phishing by avoiding suspicious links.
Essential Cyber Defense Strategies
- Authentication & Access Control: Use long, unique passphrases for every account, managed via a password manager. Enable Multi-Factor Authentication (MFA) on all sensitive accounts, especially email and banking.
- Software & Device Updates: Promptly install updates for operating systems, applications, and firmware to patch known security vulnerabilities.
- Network Security: Secure home and business Wi-Fi with strong passwords. Use firewalls to block unauthorized access.
- Data Protection & Backups: Regularly back up data to encrypted, offsite, or disconnected storage to mitigate ransomware risks.
- Phishing & Threat Awareness: Be wary of unexpected, urgent, or suspicious emails, texts, and links. Verify the source before clicking or sharing information.
- Endpoint Security: Install reputable anti-malware and antivirus solutions to scan for threats.
- Limit Information Sharing: Reduce the amount of personal information posted online to prevent social engineering attacks.
- Secure Browsing: Only enter personal data on websites using HTTPS (indicated by a padlock icon).
- Monitor Accounts: Regularly review financial statements for unauthorized activity.
- Businesses & Organizations: Use network monitoring tools to detect, block, and alert administrators to malicious activity. Implement strict access controls and educate employees on security policies.
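
The backup advice above has a practical catch: a scheduled backup that runs after ransomware has encrypted the files can overwrite the last good copies. The following Python check is an added example, not part of the original page. Before a backup runs, it compares the current files against the previous snapshot and holds the backup when too many known files have vanished or turned into random-looking data. The function names and both thresholds are assumptions chosen for illustration.

```python
import hashlib
import math
import tempfile
from collections import Counter
from pathlib import Path

ENTROPY_THRESHOLD = 7.5   # assumed cutoff in bits/byte; encrypted data sits near 8.0
LOSS_RATIO_LIMIT = 0.5    # assumed: hold the backup if over half the known files are lost

def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte (0.0 for empty input)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def snapshot(root: str) -> dict:
    """Map relative path -> (SHA-256 hex digest, entropy) for each file under root."""
    result = {}
    for path in Path(root).rglob("*"):
        if path.is_file():
            data = path.read_bytes()
            rel = str(path.relative_to(root))
            result[rel] = (hashlib.sha256(data).hexdigest(), shannon_entropy(data))
    return result

def safe_to_back_up(previous: dict, current: dict):
    """Return (ok, lost): lost lists known files that vanished or turned random-looking."""
    lost = []
    for path, (digest, entropy) in previous.items():
        now = current.get(path)
        if now is None:
            lost.append(path)   # deleted or renamed, e.g. a new extension was appended
        elif now[0] != digest and entropy < ENTROPY_THRESHOLD <= now[1]:
            lost.append(path)   # readable content replaced by high-entropy bytes
    ok = not previous or len(lost) / len(previous) <= LOSS_RATIO_LIMIT
    return ok, sorted(lost)

def demo():
    """Constructed sample: three text files, two later overwritten with random-looking bytes."""
    noise = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128))
    with tempfile.TemporaryDirectory() as root:
        for name in ("a.txt", "b.txt", "c.txt"):
            Path(root, name).write_bytes(b"quarterly report line\n" * 200)
        before = snapshot(root)
        for name in ("a.txt", "b.txt"):
            Path(root, name).write_bytes(noise)
        return safe_to_back_up(before, snapshot(root))
```

Files that are already compressed or encrypted (archives, media) have high entropy to begin with, which is why the check only counts files whose entropy crossed the threshold since the previous snapshot.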