Is it possible to 'crack' ransomware?
The first ransomware attack was recorded in 1989, after more than 30 years, ransomware became more sophisticated thanks to the explosion of the Internet, digital transformation and the advent of cryptocurrency.
According to Statista statistics, every 11 seconds an organization becomes a target of ransomware. In 2022, there will be more than 493 million ransomware attacks globally. The numbers not only serve as a warning about the prevalence of this type of online attack, but also highlight the extent of damage that can be caused to individuals and organizations.
However, only 27% of attacked organizations chose to pay the ransom. The rest choose to turn to IT experts to 'break the lock', also known as decrypting encrypted data files. The question is, is it possible to decrypt all ransomware?
The nature of ransomware
Ransomware is malware that encrypts files on an infected device. When a device is infected with ransomware, the owner usually receives a notification via a pop-up window, or in some cases a desktop wallpaper, asking to take steps to send a ransom to get the 'key' back. ) decryption.
Sometimes cyber criminals provide victims with decryption keys after a ransom is paid. But there are also cases where they run away and leave the victim with the encrypted files.
While ransomware can target individuals, hacker gangs often target companies, where they can earn larger ransoms.
How is ransomware decrypted?
Ransomware is 'cracked' using decryption tools - software designed for each specific type of ransomware to decrypt infected files. When a file is decrypted, the originally executed random code is decrypted and the original data is converted to text. There are many different ransomware decryption tools, both free and paid.
Technically, all types of ransomware can be decrypted, but each ransomware needs its own decryptor. It is not possible to use one set of tools to apply to all ransomware. This is the reason why it is difficult to neutralize ransomware, victims must know what type of ransomware it is to find the right tool.
Next, the decryption process also consumes huge time and computing resources, depending on the malware's algorithm. For example, with a 2048-bit RSA key, an average desktop computer will need 5 million million years to 'detect' the password.
In other words, victims will need quantum supercomputers to increase success and shorten the time to retrieve their data. Unfortunately, quantum machines cannot appear on a large scale in the near future.
In 2019, Google announced a quantum computer chip capable of solving experimental calculations in about 200 seconds for a task that would take a traditional supercomputer 10,000 years to perform.
Therefore, with current technology, Internet users need to take measures to 'prevent' ransomware with a comprehensive security strategy, rather than trying to jailbreak the device when it is infected with malware or paying a ransom and waiting. Waiting on the 'good will' of hackers.
You should read it
- Ransomware can encrypt cloud data
- General guidelines for decoding ransomware
- What is Ransomware Task Force (RTF)?
- [Infographic] 7 effective ways to protect businesses from Ransomware
- How to decode ransomware InsaneCrypt (Everbe 1.0)
- Why is Ransomware the perfect hack?
- Learn about Ransomware: 6 ransomware on computers
- Detecting two unusual versions of ransomware, shows that the world of ransomware has become diversified
May be interested
- Detection of Windows SmartScreen vulnerability being exploited to spread DarkGate malwarea new wave of active darkgate malware exploits a vulnerability in the now upgraded windows defender smartscreen.
- Serious vulnerability helps hackers attack Facebook accounts without the victim's actionscyber security expert samip aryal has just published information about a security vulnerability on this social network, allowing hackers to exploit victims' accounts without requiring any action from them.
- How are scammers using your face to commit fraud?how cautious are you about how your face is used on the internet? if you do not appreciate the importance of this, you should change it immediately.
- The new attack technique uses a wireless charger to issue voice commands and heat up the deviceresearchers at the university of florida and certik discovered a new series of attacks called 'voltschemer' that can use the magnetic field emitted from a wireless charger to issue voice commands that control the phone's voice assistant. smart phone.
- New malware discovered that can bypass Windows SmartScreen and steal user datainternational security researchers from the trend micro team have just issued an urgent warning about a previously unknown type of malware that is actively exploiting the windows defender smartscreen vulnerability cve-2023-36025. and compromise the target computer.
- What is Quishing? How to prevent a Quishing attack?what is a quishing attack? how does this form of attack work and what can you do to protect yourself from being targeted?