←All Posts Posted on August 12, 2016 By admin
Ransomware is one of the greatest threats facing business and individuals in the modern IT landscape, and it’s a threat that’s getting bigger. The reason for this is that it represents a lucrative activity for the people behind it.
According to figures from the FBI, cyber-criminals have collected $209 million in the first three months of 2016, by getting businesses and institutions to pay to unlock their computer servers. This puts ransomware on course to become a billion dollar industry by the end of the year.
Ransomware is effective because it exploits its targets’ fears effectively. Over the years it’s moved on from the early ‘Police-themed’ ransomware – that targeted mainly individuals to trick them into thinking they’d broken the law – to the more recent crypto ransomware that effectively kidnaps the user’s data and asks for a payment to unlock it. This latest type is aimed mainly at businesses who have more to lose from being locked out of their files.
What’s more the delivery methods are becoming more sophisticated too. Where early variants would rely on email attachments or enticing users to visit an infected websites, newer ransomware uses a range of methods. The cuteRansomware, detected in Australia in July, for example, uses Google Docs to transmit encryption keys and gather user information in order to evade detection.
Payment to release locked files is usually demanded in a virtual currency such as Bitcoin. This means that if victims do pay up the payment is practically untraceable, so the perpetrators can operate in relative safety. Their professionalism shouldn’t be underestimated either, security researchers have detected ransomware being sold on an as-a-service model, giving its creators an extra revenue stream and allowing new, less technically adept, actors to enter the field.
Social engineering is still a major factor in the spread of ransomware, so a key part of staying safe is education. Users need to be aware of the risks of clicking links or opening attachments in emails that arrive from unknown sources.
Important data should be regularly backed up and stored away from day-to-day systems, whether this is in the cloud or on external storage devices. This means that if an infection does occur you can recover your information without paying the ransom.
It’s also vital to keep your operating system and other software packages up to date with the latest patches, to avoid falling prey to vulnerabilities that may allow an attacker into the system. Of course, up to date security on the network and the endpoint is a key part of staying safe too.
Nobody who uses the internet can afford to ignore the threat of ransomware, but by a combination of awareness and good Cyber Hygiene you can keep your systems safe.