2 min read Data Management Blog

Four Types of Ransomware You Should Know About

Learn about the four types of ransomware that infects computer systems, how to detect them, and mitigate their damage.
Four Types of Ransomware You Should Know About

I read Jenna Phipps' article about the Four Types of Ransomware You Should Know About. In it, she describes the following four ways in which ransomware software typically infects computer systems and data.

Locker ransomware

This type of ransomware restricts access to infected computers using screen locking or by blocking access to critical OS files. However, it is also somewhat easier to recover from, as there may be other means of accessing computers even when their screens are locked.

Crypto ransomware

This type of ransomware encrypts individual files on a computer such that their contents are scrambled, and hence can no longer be deciphered without a key. To make things worse, each file may be encrypted with a different key. For an organization, timely backups and sound recovery strategies could help mitigate the damage from this type of ransomware.

Doxware

In some cases, an attacker might choose to not only encrypt individual files but also threaten to "dox" the victim by publishing the compromised data on the Internet. This type of ransomware has privacy implications for organizations that are required to be GDPR, CCPA, or HIPAA compliant, especially since backup strategies do not work against it.

Ransomware-as-a-Service (RaaS)

Yep, that’s a thing!!! 🤯

Just like SaaS, RaaS is code built by hackers, which is sold to other hackers as a service, who then use it for extortion! RaaS has a sohisticated business model based on profit sharing of the ransom amounts paid by the victims.

This was particularly fascinating, so I looked around, and found that CrowdStrike has a great article on Ransomware As A Service (RaaS) Explained that explains this business model in more detail. Check it out!

Detection and Mitigation

From an anomaly detection perspective, Techniques for Ransomware Detection describes the strategies for establishing a baseline of normal activity for critical data files, monitoring for anomalous activity that may provide early signals of the presence of ransomware, and mitigating its spread within the organization.

Lastly, Jenna also writes about ways to mitigate the impact and spread of ransomware. It depends on effective endpoint device management, patch management, remote service access control, and employee training.

Hope you enjoyed reading this!

Subscribe to my Data Management Newsletter for more original content on databases, data management and data protection!

Subscribe

You might also like...

Jun
16
Top Cloud Computing Security Threats

Top Cloud Computing Security Threats

A rundown of the business impact and mitigation measures of the top cloud computing security threats from the 2022 Cloud Security Alliance survey
12 min read
Jun
11
Do You Need a Microservice Catalog?

Do You Need a Microservice Catalog?

Microservice catalogs build a global information view about an application's microservices. Should you consider them for your application stack?
3 min read
Jun
06
Fauna DB: What is it, and should I consider it for my apps?

FaunaDB: What is it, and should I consider it for my apps?

A short and quick introduction to FaunaDB, the serverless, distributed, document-relational database with a developer-friendly cloud API.
4 min read
May
28
MLOps vs AIOps: What's the difference?

MLOps vs AIOps: What's the difference?

An overview of the MLOps and AIOps worlds to understand what they mean, how they relate to DevOps, and how they compare in terms of benefits.
9 min read
May
13
Deep Dive into Google's AlloyDB Architecture for PostgreSQL

Deep Dive into Google's AlloyDB Architecture for PostgreSQL

An exploration of AlloyDB's architecture and design, focussing on its storage engine, with descriptions of how it handles reads and writes
10 min read

Member discussion