Attackers using ransomware encrypt data and potentially steal it at the same time (see Scenario 3 in the Gotcha! Book). They then demand a ransom for the encryption key to unlock it.

Normally using a phishing attack, the attacker delivers cryptographic malware, such as cryptolocker, that encrypts the victim’s information so it can’t be accessed. A pop up window may appear, as in spyware, to demand a ransom for restoring access. Before doing this, though, they may degrade backups or make it look like backups are happening when they aren’t. Backups may also have backed up the infection.

Scareware looks like ransomware. This is where an attacker may make threats in a pop up window that are purely blackmail. The machine needs to be cleaned immediately, not a fine paid.

Leave a Reply

Your email address will not be published. Required fields are marked *