Ransomware is a form of malware targeting both human and technical weaknesses in an effort to deny the availability of critical data and/or systems. Ransomware is frequently delivered through various vectors, including phishing and Remote Desktop Protocol (RDP).
In the recently released report from IC3, a total of 2,673 complaints were received in 2016 and resulted in $ 2.4 million losses to ramsomeware.
RDP allows computers to connect to each other across a network. In one scenario, spear phishing emails are sent to end users resulting in the rapid encryption of sensitive files on a corporate network. When the victim organization determines they are no longer able to access their data, the cyber actor demands the payment of a ransom, typically in virtual currency such as Bitcoin. The actor will purportedly provide an avenue to the victim to regain access to their data. Recent iterations target specific organizations and their employees, making awareness and training a critical preventative measure.
The recent wannacry ransom where is already having it toll on companies in 150 countires. Just recently South Korean web hosting company Nayana was reported to have paid over $ 1 million to ransomware attacker. The statistics for 2017 ransomware attack will sure be interesting to see.