What is Ransomware and How to Prevent Ransom-ware attacks?
Posted on
Ransom-ware has been the cause of major wide-scale attacks in the global IT arena. Norton sonar protection has been a major help to tackle this problem. Norton error 3039 1is said to be the cause of this error.
Legacy technology really means that these systems have been built over time. And the fact that they’ve been built over decades and decades means that they’ve had to replace parts.
They have systems that are no longer in use. They have systems that are no longer- they don’t have companies that support them anymore. And when that happens, you can’t really update that technology because maybe that vendor went out of business.
And so you can’t really keep these systems in check from a security standpoint. That becomes very challenging when you’re trying to actually secure the infrastructure as a whole when you have all of these different pieces of your technology from different vendors that might not be around anymore. And so, what makes things particularly bad for critical urban infrastructure?
So the fact that you have a whole bunch of different vendors that have made different parts and you might not even be aware of the software versions that
are in those parts to be able to update them, and the fact that you have a lot of invulnerability challenges where you have integration between different components.
And that integration also has vulnerabilities, so it makes it very difficult to understand what your problems are. So how do hackers choose a vulnerability to go after?
And the reality is that they look for the path of least resistance because why try and spend a lot of time building their own exploits and finding their own vulnerabilities that are very difficult to find when they can have equal impact on very low hanging fruit,
especially with the case that urban systems generally do not have a whole bunch of security experts on hands that are updating and fixing all this technology as there are problems that arise. So how do the attackers exploit the vulnerabilities?
Well, usually using existing exploit kits. And these exploit kits are either open source
and available online- you can find one today in a tool like Kali Linux, which is a suite of different exploit tools. Some buy exploits on the dark web. Some buy them from nation-states. And some are just leaked from government organizations.
For example, in the US, urban infrastructure has been attacked from ransom-ware recently using a series of NSA exploits leaked. And this causes huge issues because these exploits apply to vast amounts of systems.
So what do attackers do once they have access and exploit the vulnerability? Well, usually, they have very clear goals in mind for what they’re going to do once they get into the system.
But afterward, they either try and get out and make sure that no one ever knew that they existed and be very stealthy, or they persist in the network, and they hide there waiting to attack next time. And this causes a lot of challenges because we don’t know if they’re there anymore. So, for critical urban infrastructure,
there are many different attack lines or, as we say, attack vectors. And there’s no silver bullet to solving it. And so that’s why we need to be aware of all the players, all the different types of attackers, the different ways they try to break into our networks,
and also, what they might want to do once they’re there.
