Ransomware Attack and Remedial: A Survey | Author: L.A. Kong, K.N. Yeo, R.X. Ng, S.H. Kok | Abstract: Ransomware is a type of malware that denies users access to their own system and demands payment before the
system is restored. According to Cybersecurity Ventures, ransomware damage costs will reach $11.5 billion by 2019.
That figure is up from 2015's $325 million and 2017's $5 billion. There are two primary types of ransomware attack,
namely locky and crypto. Locky-ransomware locks the victim out of their computer, while crypto-ransomware
encrypts the victim's important files. Crypto-ransomware is considered more dangerous, as the effect is irreversible
even after the crypto-ransomware is removed from the system, because all encrypted files remain encrypted without the
decryption key. Existing measures used to protect a system from ransomware include strengthening the security
system, backing up data regularly, keeping the system updated and so on. However, most of the methods mentioned above
are general ways to protect a system from ransomware. In this report, we discuss the latest ransomware attacks
in more detail. We also look at the most common infection vectors used by ransomware to infect its victims. Then we
provide recommended remedial measures to deal with ransomware attacks. |
| Ransomware Remedial Through Virtualization | Author: R. Ilangovan, Y.K. Chua, S.H. Kok | Abstract: Ransomware is a growing threat to the global population. There have been many such attacks since 2012,
notable ones being WannaCry and Petya. These attacks have cost millions, maybe even billions, of dollars in economic
losses. Ransomware employs a method known as cryptoviral extortion, a three-step protocol that aims to take the user's
data hostage and demand a ransom for it. There are existing defensive countermeasures against ransomware, such
as Paybreak, a decryptor for files; ShieldFS, a filesystem that detects malware based on adaptive models that are constantly
being updated; and SSD-insider, a mechanism that uses the NAND flash delayed deletion feature to recover files. Studies
have also shown that awareness is important in defending against ransomware attacks, and end-user habits may increase
the likelihood of being at risk. Therefore, to address the awareness aspect that existing defence mechanisms do not
address, we have proposed a solution that addresses both the technical aspect of defence and the socio-cultural
aspect. Our solution aims to educate the user to improve and supplement our defence. The end-user plays an active role
rather than taking the passive stance of the other solutions listed above. In the worst-case scenario, the end-user should be able to
deal with the situation appropriately, through our solution, by not giving in to the demands of the attacker. |