Network Risk Management and Information Security Technology Against Ransomware Malicious Codes Attack


勒索軟體是一種特殊的惡意軟體,又被歸類為阻斷存取式攻擊,其與其他病毒最大的不同在於手法以及中毒方式。勒索病毒 (勒索軟體/綁架病毒)迅速竄起,是一種惡意程式攻擊型態也被證實是網路犯罪集團的一棵搖錢樹。這一點從2016 年上半年勒索病毒新家族數量就成長了172% 即可看出。事實上,駭客除不斷創新和更新犯罪工具之外,更不斷從現有的目標當中積極找尋更多潛在受害者,同時也採用社交工程等攻擊來提高獲利。在一般的勒索病毒攻擊當中,歹徒會將惡意程式植入您的電腦,讓您的電腦或檔案被鎖住而無法使用。歹徒會向您勒索一筆贖金,您需支付贖金才能拿到解開電腦或檔案的「虛擬鑰匙」。您若拒絕支付,但資料卻沒有備份,那麼這些資料將永遠一去不返。根據趨勢科技 Trend Labs 報告發現:99% 的勒索病毒都是透過電子郵件或網站連結進行散播攻擊。趨勢科技光在2016 年上半年就發現了79 個新的勒索病毒家族,這數字較 2015 年一整年的數量成長了 179%。根據趨勢科技接獲的案例回報顯示,感染勒索病毒 Ransomware 的受害企業當中,近三成是重複感染,肇因分析是未即時修補伺服器的安全漏洞形成防護空窗,因此讓惡意程式攻擊有機可乘。


Ransomwares have been proven to be a cash cow of malicious code attacks and cybercrime groups. The related reports have shown from the first half of 2016 the number of Ransomware family grew up 172%. Moreover, in addition to constantly innovating and updating malicious codes tools, hackers are constantly looking for more potential victims from existing targets, and using new tactics to improve profitability. According to the Trend Micro Trend Labs report, 99% of the Ransomwares are distributed via e-mail or site links using social engineering tools. Trend Micro found in the first half year of 2016, 79 new Ransomware families were found and exceed the number of 2015 year, the growth of 179%. According to Trend Micro's studies, nearly 30 percent of the victims of the infected virus Ransomware are infected, and the cause of the attack is a failure to repair the server's security vulnerabilities, so that the malicious attacks can take the advantages.


