The Year of Ransomware

coins-currency-investment-insurance-128867-copy

Ransomware is a threat you’ve probably heard a lot about in 2016. That’s not without good reason – it’s one of the main cybersecurity threats facing businesses today.

Though preventative steps do exist, this is still an extremely effective attack method you can’t afford to ignore. One successful attack is all it takes to set your business back drastically.

The Method

Victims of ransomware receive demands for bitcoins, the volatile virtual currency whose value to real world dollars can rapidly change at any moment, making it even more difficult for a business to secure their data’s release.

The standard attack goes like this: Online gangs of cyber criminals remotely encrypt and lock computers, leaving victims with a ransom screen they can’t get past. The screen provides instructions for how victims can go about obtaining these bitcoins then how to send them to the attacker.

Once the ransom has been delivered, a decryption key will be automatically sent out. The whole process plays out like an assembly line, with new encryptions constantly being written and sent out so that ransomware can infect as many workstations as possible.

It’s an incredibly annoying method of attack that is unfortunately only increasing in popularity.

A New Industry

These attacks have become so lucrative that a whole industry – supporting a staff of employees as though this were a legitimate business ­– have popped up.

A recent Bank Info Security article describes these as “customer service centers,” where businesses struggling to pay their ransom receive technical advice on how to send the funds in or even “occasionally allow them to negotiate lower ransom payments or deadline extensions.”

These criminals pray upon fields that really can’t wait to negotiate these ransoms or rely on backup – which is still the best way to remedy this form of attack. The fields of healthcare and finance, for example, can’t wait around till access to their data is restored. Without full access to system services or records, a person’s life may literally be in jeopardy. In finance, if a client needs access to their funds or other sensitive information, they may not have the time to wait.

More than just losing customers, these attacks bring the possibility of dramatically impacting innocent lives.

Prevention

Unfortunately, methods of remediation from ransomware attacks still remain limited. As previously mentioned, backup remains the best way to restore your systems.

Bank Info Security notes that, “Researchers have managed to crack the crypto used in some types of ransomware, allowing some victims to decrypt their files for free.”

Of course this is also a fairly unreliable strategy, as the criminals developing ransomware are also aware of this, and they are frequently updating their programs to fix this “flaw.”

So what to do in place of this?

Take every step you can to prevent ransomware from getting through your security. Email filtering, blocking employees from visiting questionable websites and teaching them what attachments or documents should be left unopened are all valuable methods of defense.

Furthermore, BAI Security’s Threat Radar service provides 24/7 malware monitoring protection, allowing us to find malware (including ransomware) in real time and allow you to take immediate steps to prevent the ransomware from being opened and implemented.

Ransomware is a threat that isn’t going anywhere soon, so protect yourself and your valuable data.

Posted in BAI Security Blog and tagged , , , , , , , .