What is a Ransomware Attack?

It’s a normal work day, that is, until you receive an intriguing email from your boss asking you why an invoice was improperly paid. In the message, they seem angry, demanding to know why you approved this high-dollar transaction.

You panic, thinking you made a big mistake. Without hesitation, you open the attachment and start looking over the invoice before downloading it to verify your records. 

As you’re cross-referencing the numbers, your device suddenly freezes and the next thing you know, you’re staring squarely at a pop-up saying you’ve been locked out of your operating system. The pop-up explains that in order to get your functionality back, you’ll need to pay a hacker a huge fee to unlock your device.

This is the classic example of ransomware. Let’s learn more about this type of cyber attack and how the victim of a digital compromise might regain access to their data.

What is Ransomware?

Ransomware is a type of malicious software designed to block access to a computer system until a payment is made. 

Typically, a ransomware attack presents itself as a pop-up or a displayed message, explicitly demanding a fee in order to regain access to a locked system, according to Kaspersky.

How Exactly Does Ransomware Work?

While there are numerous attack vectors a bad actor can take to execute and install the malware used in a ransomware attack, here’s a common narrative of their methodology:

1. The hacker creates malware and has a shell computer to run code.

Typically, a ransomware attack begins with a hacker creating malicious software (malware). 

We won’t bore you with the details of how the malware itself was created; all you need to know is that the hacker devises a script to trigger a command from a “shell” operating system, ultimately allowing them to control your device remotely.

2. The hacker devises a sneaky social engineering scheme to trick the user into downloading the malware.

But here’s the catch: the bad actor has to get a user to download this malicious software in order to take over the device. This is why they need a plan for tricking a user into installing the malware without realizing it. To do this, the attacker will often devise a clever social engineering scheme, most commonly a phishing attack.

While there are a number of phishing tactics out there, bad actors often target a user’s email or text message inbox, attaching malware to a document sent via email or in a link in an SMS message. 

When an unsuspecting user downloads an infected file or clicks a trigger on an infected webpage, they allow malware to be installed in the background of their computer.

When the malware is installed, their command shell receives a trigger, alerting the cyber attacker that a breach has occurred. From there, the bad actor can execute a series of commands remotely, granting them control over the infected device.

3. The hacker locks the infected device or specific data, demanding a fee in return for restoring access.

With other forms of malware, a hacker’s objective may be to install the malicious software quietly, without the victim noticing, to glean deeper information over time. Ransomware attacks, by contrast, are loud.

From the moment ransomware is installed, the infected user typically knows, as they receive a message alerting them that their device or data has been compromised. What differentiates ransomware from other types of malware is that the attacker demands the infected user pay a “ransom” to unlock access to their barred device or data.

Notorious Ransomware Attacks

Sometimes it’s easier to understand a cyber attack when you see real-life examples of it in action.

Even big brands can fall victim to ransomware attacks, despite their million-dollar security defenses. Read more about famous ransomware attacks on:

Know the Social Engineering Tactics

Most ransomware attacks occur as the result of social engineering exploits, wherein attackers trick users into downloading malicious software.
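The tells in the "angry boss and unpaid invoice" email from the opening story can be checked mechanically before anyone opens the attachment. This is an added example, not code from the original article; the organisation domain, the impersonated name, the extension lists, the pressure-word pattern and the sample message are all constructed assumptions.

```python
from email import message_from_string, policy
from email.utils import parseaddr
from pathlib import PurePath
import re

# Assumed values for this example (not from the article).
ORG_DOMAIN = "example.com"          # the organisation's real mail domain
VIP_NAMES = {"dana reyes"}          # internal names likely to be impersonated
RISKY_EXT = {".exe", ".scr", ".js", ".vbs", ".hta", ".lnk", ".iso", ".docm", ".xlsm"}
DECOY_EXT = {".pdf", ".doc", ".docx", ".xls", ".xlsx"}
PRESSURE = re.compile(r"\b(urgent|immediately|asap|overdue|why (was|did))\b", re.I)

# Constructed sample: the boss-and-invoice message described in the story.
SAMPLE = """\
From: "Dana Reyes" <dana.reyes@examp1e-mail.test>
To: you@example.com
Subject: Why was this invoice paid?
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

I need an explanation immediately. Open the attached invoice.
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="invoice_4471.pdf.js"

constructed placeholder, not a real payload
--b1--
"""

def triage(raw: str) -> list[str]:
    """Return the phishing indicators found in one raw email message."""
    msg = message_from_string(raw, policy=policy.default)
    findings = []
    name, addr = parseaddr(str(msg.get("From", "")))
    if name.lower() in VIP_NAMES and addr.rpartition("@")[2].lower() != ORG_DOMAIN:
        findings.append("display-name-impersonation")  # known name, outside domain
    body = msg.get_body(preferencelist=("plain",))
    text = f"{msg.get('Subject', '')}\n{body.get_content() if body else ''}"
    if PRESSURE.search(text):
        findings.append("pressure-language")
    for part in msg.iter_attachments():
        suffixes = PurePath((part.get_filename() or "").lower()).suffixes
        if suffixes and suffixes[-1] in RISKY_EXT:
            findings.append("risky-attachment")
            if len(suffixes) > 1 and suffixes[-2] in DECOY_EXT:
                findings.append("decoy-double-extension")  # e.g. .pdf.js
    return findings
```

Calling `triage(SAMPLE)` reports all four indicators for the constructed message, while an ordinary internal email from the real domain with no attachment returns an empty list.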

Educate your team on the dangers of phishing scams and more by scheduling engaging, interactive security awareness training presentations with the world’s once most famous hacker, Kevin Mitnick.

While social engineering is a huge threat, there are other ways cyber attackers get in. Download our 5-½ Steps to Elevate Your Cybersecurity guide to stay on top of your security, today.
