Skip main navigation

New offer! Get 30% off your first 2 months of Unlimited Monthly. Start your subscription for just £29.99 £19.99. New subscribers only. T&Cs apply

Find out more

Ransomware: Understanding Their Behavior and Operation

In the video, you will learn more about Ransomware, malware that locks files and then prompts users to pay in order to unlock them.
What we’re going to talk about in this first video what ransomware is, a little bit about its behaviour in its operation. And then in the next video, we’ll be talking about some of the most famous instances of ransomware. So what is ransomware? Now ransomware is another malware family, but once it’s on a target computer, it will encrypt the system data and files. Then it prompts the user for a payment order to unlock the files. So on the right there, you see this is a picture from WannaCry. And what would happen is your system gets infected, the same vector that we’ve seen in every attack so far.
It’s either social engineering, it’s another vulnerability, maybe you’ve got some sort of SMB vulnerability on your system, or you get infected, or you fall susceptible to a Trojan or something like that. Once it’s on your system, the ransomware then executes. And it would typically encrypt your master file or any series of any set of files on your system. And in this case with WannaCry, you then get a pop-up like this that says, “Hey, you’ve got this much time to pay us the ransom to get your data– the key to unencrypt your data. If you don’t pay us within this much time, the price goes up.
You don’t pay us within this additional amount of time, your files are gone for forever.” And then typically, they only accept some sort of cryptocurrency like Bitcoin for payment. This has been one of the most dominant forms of malware that we’ve seen in the last couple of years because it’s the most effective way for attackers to make money. There’s a big debate out there on if you are a victim of this, should you pay or should you not pay? And it’s going to depend on your situation, that data, if you have backups, what you lost, and your personal ethical views on the scenario.
Hands down, the single most effective thing to do about ransomware is to make sure that you have regular and effective backups. If they encrypt all of your data, it doesn’t matter if you can just re-image your machine and pull your data down from the safe backup. So that’s definitely the most effective backup against this. And that’s something that everyone should be doing. And in the next video, we’re going to talk about NotPetya. And it’s interesting because NotPetya technically isn’t ransomware, it’s more along the destructive line. But it does the same vector and it’s got its name from ransomware. So we’ll get into that a little bit more in a minute.

In this video, you will learn more about Ransomware, a type of malware that locks files and then prompts users to pay in order to unlock them. Increasingly, this is the most common form of attack because it is a way for hackers to make money.

Investigate and share: Find an article on a recent instance of Ransomware and evaluate what the consequences were for the firm under attack. Share your reflections in the comments area at the bottom of this page.

This article is from the free online

Cyber Security Foundations: Common Malware Attacks and Defense Strategies

Created by
FutureLearn - Learning For Life

Reach your personal and professional goals

Unlock access to hundreds of expert online courses and degrees from top universities and educators to gain accredited qualifications and professional CV-building certificates.

Join over 18 million learners to launch, switch or build upon your career, all at your own pace, across a wide range of topic areas.

Start Learning now