Difference between revisions of "Ransomware"

From SI410
Jump to: navigation, search
m (Image added to "Variations and History")
(Non-encrypting ransomware)
Line 12: Line 12:
  
 
===Non-encrypting ransomware===
 
===Non-encrypting ransomware===
 +
As an alternate class of ransomware, the non-encrypting variety does not assert control over file privileges, but rather forcefully exposes the infected system, and thus the user, to a barrage of unsolicited spam, mostly in the form of crude pornographic images. Appearing a number of years after the first encrypting versions of ransomware hit the Web, the non-encrypting variants also sought to take advantage of unsuspecting and innocent victims who contracted the software trojan through irresponsible browsing habits or subpar digital safeguards.
  
 
==Ethical Implications==
 
==Ethical Implications==

Revision as of 01:46, 26 April 2016

Ransomware 2.png

Ransomware is a type of malicious software designed for disabling access to a user’s computer system, effectively holding it “ransom”, until a predetermined sum of money is paid.[1] The unintended result of clicking on an infected browser popup or visiting a compromised website, payment generally takes the form of an anonymous Internet-based currency like Bitcoin. As a rule, victims of ransomware do not share a common demographic or set of characteristics. Anyone who browses the open Web without the proper safeguards in place or neglects to abide by common sense security practices are vulnerable to the effects of this malign software.

Variations and History

Ransomware 1.jpg

Ransomware can vary in sophistication and implementation but is usually developed to proliferate automatically and penetrate otherwise secure systems by a trojan-like method of attack. The result of a combination of insufficient browser security, a deficient firewall configuration, or general carelessness in the online environment, the end result is the same: temporary re-appropriation of your data via an encryption barrier or restricted access through the display of spam (i.e., pornographic images) until such a time that the user submits and pays a fee for liberating their system of the nefarious software.[2]

Encrypting ransomware

The first type of ransomware to hit the Web appeared in 1989 with the "AIDS" trojan (also known as "PC Cyborg").[3] Following a similar approach of current malware of this type, an alert would be issued that a software license had expired on the user's system and the hard disk would be immediately locked down -- encrypted and rendered inaccessible -- until a money transfer was completed. Still in its infancy at this point, exploiting the gullible and unknowledgeable was clearly a monetary opportunity for those with the necessary programming skills and flexible moral standards for developing robust ransomware exploits.

Significantly more computationally advanced forms of extortionate ransomware appeared five to six years into the first decade of the twentieth century. With comparatively stronger cryptologic encoding than previous versions, workarounds and fail-safes effectively disappeared. The evolution of Web 2.0, social media platforms, and elevated sharing of online content (files, links, e-mail, etc.) resulted in the more prolific appearance and diffusion of ransomware throughout the wider Internet.

Non-encrypting ransomware

As an alternate class of ransomware, the non-encrypting variety does not assert control over file privileges, but rather forcefully exposes the infected system, and thus the user, to a barrage of unsolicited spam, mostly in the form of crude pornographic images. Appearing a number of years after the first encrypting versions of ransomware hit the Web, the non-encrypting variants also sought to take advantage of unsuspecting and innocent victims who contracted the software trojan through irresponsible browsing habits or subpar digital safeguards.

Ethical Implications

Ethics Subheading

See Also

References

  1. (2010). ransomware. In Stevenson, A. & Lindberg, C. (Eds.), New Oxford American Dictionary: Oxford University Press. Retrieved 24 Apr. 2016, from http://www.oxfordreference.com.proxy.lib.umich.edu/view/10.1093/acref/9780195392883.001.0001/m_en_us1444048
  2. Boatman, Kim. Your Security Resource: Beware the Rise of Ransomware. Norton by Symantec. (n.d.). Retrieved 25 Apr. 2016, from https://us.norton.com/yoursecurityresource/detail.jsp?aid=rise_in_ransomware
  3. Wikipedia: Ransomware - Encrypting ransomware https://en.wikipedia.org/wiki/Ransomware#Encrypting_ransomware