1
00:00:00,06 --> 00:00:02,03
- [Instructor] Malware has been a serious

2
00:00:02,03 --> 00:00:06,02
cybersecurity threat to both individuals and organizations

3
00:00:06,02 --> 00:00:08,02
since the late 1980s.

4
00:00:08,02 --> 00:00:11,04
Ransomware has many of the same characteristics of malware,

5
00:00:11,04 --> 00:00:14,02
so it makes sense to examine them together.

6
00:00:14,02 --> 00:00:16,07
First, what is malware?

7
00:00:16,07 --> 00:00:19,04
Malware is a catchall term for any software

8
00:00:19,04 --> 00:00:22,02
that is designed to gain unauthorized access

9
00:00:22,02 --> 00:00:25,02
to computers or network equipment with the goals

10
00:00:25,02 --> 00:00:28,00
of causing damage, extracting information,

11
00:00:28,00 --> 00:00:30,06
or making money for the attackers.

12
00:00:30,06 --> 00:00:33,08
Malware can take on many forms, including viruses,

13
00:00:33,08 --> 00:00:38,05
worms, Trojans, rootkits, adware, and spyware.

14
00:00:38,05 --> 00:00:43,06
A growing form of malware attack is known as cryptojacking.

15
00:00:43,06 --> 00:00:46,06
This malware variant exploits a vulnerable computer

16
00:00:46,06 --> 00:00:50,05
and uses its resources to mine cryptocurrency.

17
00:00:50,05 --> 00:00:52,03
While there are many types of malware,

18
00:00:52,03 --> 00:00:55,02
the infection methods are often similar.

19
00:00:55,02 --> 00:00:56,03
There are two main ways

20
00:00:56,03 --> 00:00:59,03
that systems become infected with malware.

21
00:00:59,03 --> 00:01:02,01
The first is system vulnerabilities.

22
00:01:02,01 --> 00:01:04,06
These are flaws in hardware or software

23
00:01:04,06 --> 00:01:08,01
that allow malware to get installed and function.

24
00:01:08,01 --> 00:01:11,04
Usually, patches exist to fix these vulnerabilities,

25
00:01:11,04 --> 00:01:14,05
but users and organizations don't always apply these patches

26
00:01:14,05 --> 00:01:18,00
in a timely manner, leaving themselves exposed.

27
00:01:18,00 --> 00:01:20,04
And even old vulnerabilities are still targeted

28
00:01:20,04 --> 00:01:22,06
by malware attackers.

29
00:01:22,06 --> 00:01:26,00
In 2020, a Microsoft vulnerability first identified

30
00:01:26,00 --> 00:01:29,07
back in 2012 was still included in the FBI's list

31
00:01:29,07 --> 00:01:33,05
of the top 10 most exploited security flaws.

32
00:01:33,05 --> 00:01:36,03
The second most common way that systems get infected

33
00:01:36,03 --> 00:01:41,02
with malware is users falling prey to social engineering.

34
00:01:41,02 --> 00:01:44,05
This happens when attackers successfully convince a user

35
00:01:44,05 --> 00:01:48,01
to download infected software,

36
00:01:48,01 --> 00:01:51,00
open an infected email attachment,

37
00:01:51,00 --> 00:01:54,00
or connect an infected disk or drive.

38
00:01:54,00 --> 00:01:56,06
The system still needs to be vulnerable to the malware

39
00:01:56,06 --> 00:02:00,04
that the user introduces for it to work though.

40
00:02:00,04 --> 00:02:02,07
Now let's look at ransomware.

41
00:02:02,07 --> 00:02:06,03
Ransomware is a form of malware that has a special purpose.

42
00:02:06,03 --> 00:02:09,05
It encrypts data and files on the infected computer

43
00:02:09,05 --> 00:02:12,05
and instructs the user to send the attackers money

44
00:02:12,05 --> 00:02:15,01
to recover their information.

45
00:02:15,01 --> 00:02:17,08
In some cases, attackers will also steal files

46
00:02:17,08 --> 00:02:21,01
from the victim's systems and threaten to expose these files

47
00:02:21,01 --> 00:02:24,03
to the public to increase the pressure to pay.

48
00:02:24,03 --> 00:02:27,04
This is known as double extortion.

49
00:02:27,04 --> 00:02:31,00
Ransomware can be a lucrative income for attackers.

50
00:02:31,00 --> 00:02:36,02
In 2020, the FBI's Internet Crime Complaint Center, or IC3,

51
00:02:36,02 --> 00:02:40,04
received 2,474 ransomware complaints

52
00:02:40,04 --> 00:02:44,09
that cost victims over $29.1 million.

53
00:02:44,09 --> 00:02:47,01
Of course, these are only the attacks in America

54
00:02:47,01 --> 00:02:48,06
that were reported.

55
00:02:48,06 --> 00:02:50,07
The actual number of worldwide attacks

56
00:02:50,07 --> 00:02:53,09
and money made with ransomware is much higher.

57
00:02:53,09 --> 00:02:56,06
Although ransomware can use any of the malware attack

58
00:02:56,06 --> 00:02:59,09
techniques I mentioned earlier, one of the most common

59
00:02:59,09 --> 00:03:04,02
is the fake urgent email with a malicious link or attachment

60
00:03:04,02 --> 00:03:07,01
designed to trick users to click the link

61
00:03:07,01 --> 00:03:08,09
or open the attachment.

62
00:03:08,09 --> 00:03:10,01
This is a phishing attack,

63
00:03:10,01 --> 00:03:13,00
which is another threat I'll cover in this course.

64
00:03:13,00 --> 00:03:15,09
Due to their success and huge ransom demands,

65
00:03:15,09 --> 00:03:18,06
ransomware attacks have generated a lot

66
00:03:18,06 --> 00:03:21,06
of dramatic headlines, like this one about Acer

67
00:03:21,06 --> 00:03:25,03
getting charged up to $100 million to get their data back

68
00:03:25,03 --> 00:03:27,06
after a ransomware attack.

69
00:03:27,06 --> 00:03:30,08
As long as systems remain vulnerable and users keep falling

70
00:03:30,08 --> 00:03:33,04
for social engineering attacks,

71
00:03:33,04 --> 00:03:35,07
malware and ransomware will continue to be

72
00:03:35,07 --> 00:03:40,00
serious components of the cybersecurity threat landscape.