Site icon Check Point Blog

Ransomware: what you need to know

In recent years, there has been a surge of ransomware attacks. It’s been reported all over security blogs, tech websites and in the news. Unfortunately, these attacks show no signs of slowing. If anything, they are getting worse.

Cryptolocker, the first famous ransomware, was observed in the wild in 2013. From then until mid-2015, there were only a few active ransomware variants and their infection methods were limited. Some of these variants were even weak enough that it was possible to decrypt files without paying ransom.

While quite a lot of variants have been created since then, many of them either don’t effectively infect users or run a low profile campaign. A good example is TeslaCrypt, an infamous ransomware whose authors released a master key for anyone to use. In other cases, new ransomware variants – even ones that are widely distributed and constantly make headlines – are quickly found to have bugs when it comes to implementing the encryption itself, such as the recently published decryption tool for Jigsaw ransomware. These flaws are either fixed in a newer version or the ransomware is abandoned.

There seems to be a fairly large difference between the top-tier of ransomware, which usually maintain several active campaigns, and trendy new ransomware variants that come and go. In our report, Ransomware: What You Need to Know,  we provide an overview of the evolving world of ransomware, highlighting the differences between the most prevalent ransomware families, and present several smaller yet unique ransomware variants. We also present several methods for protection and mitigation.

 

(click on image to enlarge timeline)

 

How to protect yourself

We highly recommend you take the following steps to protect yourself from ransomware, or at least mitigate its effects:

Exit mobile version