What is a Ransomware Attack?

It’s a normal work day— that is, until you receive an intriguing email from your boss asking you why an invoice was improperly paid. In the message, they seem angry, demanding to know why you approved this high-dollar transaction.

You panic, thinking you made a big mistake. Without hesitation, you open the attachment and start looking over the invoice before downloading it to verify your records. 

As you’re cross-referencing the numbers, your device suddenly freezes and the next thing you know, you’re staring squarely at a pop-up saying you’ve been locked out of your operating system. The pop-up explains that in order to get your functionality back, you’ll need to pay a hacker a huge fee to unlock your device.

This is the classic example of ransomware. Let’s learn more about this type of cyber attack and how the victim of a digital compromise might gain access back to their data:

What is Ransomware?

Ransomware is a type of malicious software designed to block access to a computer system until a payment is made. 

Typically, a ransomware attack presents itself as a pop-up or a displayed message, explicitly demanding a fee in order to gain back access to a locked system, according to Kaspersky.

How Exactly Does Ransomware Work?

While there are numerous attack vectors a bad actor can take to execute and install the malware used in a ransomware attack, here’s a common narrative of their methodology:

1. The hacker creates malware and has a shell computer to run code.

Typically, a ransomware attack begins with a hacker creating malicious software (malware). 

We won’t bore you with the details of how the malware itself was created; all you need to know is that the hacker devises a script to trigger a command from a “shell” operating system, ultimately allowing them to control your device remotely.

2. The hacker devises a sneaky social engineering scheme to trick the user into downloading the malware.

But here’s the catch: the bad actor has to get a user to download this malicious software in order to take over the device. This is why they need a plan for tricking a user into installing the malware without realizing it. To do this, the attacker will often devise a clever social engineering schememost commonly, a phishing attack.

While there are a number of phishing tactics out there, bad actors often target a user’s email or text message inbox, attaching malware to a document sent via email or in a link in an SMS message. 

When an unsuspecting user downloads an infected file or clicks a trigger on an infected webpage, they allow malware to be installed within the background of their computer.

When the malware is installed, their command shell receives a trigger, alerting the cyber attacker that a breach has occurred. From there, the bad actor can execute a series of commands remotely, granting them control over the infected device.

3. The hacker locks the infected device or specific data, demanding a fee to be paid in return for access back.

While with other forms of malware a hacker’s objective may be to install this malicious software quietly without the victim noticing (to glean deeper information over time)— ransomware attacks are loud. 

From the moment ransomware is installed, the infected user typically knows, as they receive a message alerting them that their device or data has been compromised. What differentiates ransomware from other types of malware is that the attacker demands the infected user pay a “ransom” to unlock access to their barred device or data.

Notorious Ransomware Attacks

Sometimes it’s easier to understand a cyber attack when you see real life examples of them in action. 

Even big brands can fall victim to ransomware attacks, despite their million-dollar security defenses. Read more about famous ransomware attacks on:

Know the Social Engineering Tactics

Most ransomware attacks occur as the result of social engineering exploits, wherein attacks trick users into downloading malicious software.

Educate your team on the dangers of phishing scams and more by scheduling engaging, interactive security awareness training presentations with the world’s once most famous hacker, Kevin Mitnick.

While social engineering is a huge threat, there are other ways cyber attackers get in. Download our 5-½ Steps to Elevate Your Cybersecurity guide to stay on top of your security, today.

New call-to-action

Topics: ransomware

Latest Posts

Kevin offers three excellent presentations, two are based on his best-selling books. His presentations are akin to technology magic shows that educate and inform while keeping people on the edge of their seats. He offers expert commentary on issues related to information security and increases “security awareness.”

6 Types of Social Engineering Attacks and How to Prevent Them

Social engineering attacks account for a massive portion of all cyber-attacks.

Read more ›

What You Get When You Invest in Social Engineering Testing with Mitnick Security

When testing your employees' social engineering readiness, your teams need simulated attacks that feel as if they’re coming from a nefarious engineer...

Read more ›

Mitnick Security: Ransomware Awareness Training

Ransomware is a type of malware that prevents accessibility to either a single computer or an entire network until a ransom is paid. This can result i..

Read more ›
tech-texture-bg