Ransomware Reaches Epidemic Proportions
Ransomware Epidemic
Ransomware is a type of malware that is covertly installed on a computer without knowledge or intention of the user. Ransomware restricts access to the infected computer system by encrypting data and demands that the user pay a ransom to the malware cyber criminals to unencrypt the data.
The FBI recently reported incidents of ransomware on the rise, particularly against organizations because the payoffs are higher. In addition, the Department of Homeland Security has issued a recent alert on emerging ransomware variants. Last year, Matrixforce posted CrptoLocker Prevention: Top 12 Defenses Against Business Loss. However, still today no single anti-malware or firewall can prevent ransomware infection. These cyber attacks are so sophisticated that computer users may become infected from legitimate websites, without clicking on links on a page or in an e-mail. Further, new strains are corrupting server and workstation operating systems, requiring full re-installation of systems AND restoration of data to replace encrypted files.
There is no one method or tool that will completely protect you or your organization from a ransomware attack.
– James Trainor, FBI Cyber Division Assistant Director
The FBI Infragard reports that nearly 10% of Oklahoma businesses are infected by ransomware each month, with cybercrime only continuing to escalate. In response, Matrixforce has issued an emergency warning to existing customers and developed a new Overwatch® service to mitigate ransomware:
- Cyber security services to prevent ransomware from downloading security keys to encrypt data and corrupt servers or workstations.
- Breach Security annual risk assessment, policies and procedures update, and employee training/testing with consolidated portal to also store critical documents including recording security incident response.
- Device management for online two-factor authentication, anti-malware, Microsoft & third-party updates, data loss prevention rules, and selective device wipe with lock and restart capabilities.
Ransomware Attacks
This spring, NBC news reported that ransomware attacks cost businesses over $200 million in just the first three months of 2016. As ransomware attacks escalate, ransom prices vary depending on the ransomware variant and the price or exchange rates of digital currencies. Thanks to the perceived anonymity offered by cryptocurrencies, ransomware operators commonly specify ransom payments in bitcoins. Recent ransomware variants have also listed alternative payment options such as iTunes and Amazon gift cards. It definitely should be noted, however, that paying for the ransom does not guarantee that users will get the decryption key or unlock tool required to regain access to the infected system or hostage files.
Hospitals, financial institutions, and small business are particularly easy prey and big pay days for cyber criminals. Because of compliance regulations, each of these groups must also pay government penalties and disclose security violations to protect the privacy of customers. Unfortunately, the notoriety only gives more incentive for cyber criminals.
Mac ‘Ransomware’ Attack Exposes Vulnerability of Apple Users – For the first time, security experts say, a dangerous form of software called “ransomware” has successfully targeted a Mac operating system, piercing an image of safety that Apple customers had long enjoyed.
Hospital Declares ‘Internal State of Emergency’ After Ransomware Infection – A Kentucky hospital says it is operating in an “internal state of emergency” after a ransomware attack rattled around inside its networks, encrypting files on computer systems and holding the data on them hostage unless and until the hospital pays up.
Big Paydays Force Hospitals to Prepare for Ransomware Attacks – One of the most extreme cases took place in February, when Hollywood Presbyterian Medical Center handed over $17,000 to hackers who took over its systems.
Congress warned about cybersecurity after attempted ransomware attack on House – Congressional gridlock can usually be blamed on stubborn representatives and senators. But a new string of ransomware attacks on the House of Representatives could stall legislation more effectively than party infighting or a filibuster.
‘Ransomware’ crime wave growing – It began with an early morning phone call and instant fear for the technology director of Horry County, South Carolina’s school district.
Maryland hospital: Ransomware success wasn’t IT department’s fault – MedStar, the health network of 10 Maryland hospitals struck by a ransomware attack last week possibly due to failed system patches.
Ransomware alert issued by US and Canada following recent attacks – The plague doesn’t appear to be going away anytime soon. Why should it? It’s proving a lucrative swindle for cyber thieves.
‘Ransomware’ Attacks to Grow in 2016 – The number of cyberattacks where malware holds user data “hostage” is expected to grow in 2016 as hackers target more companies and advanced software is able to compromise more types of data, according to a report from Intel Corp.’s McAfee Labs.
Ransomware attacks quadrupled in Q1 2016 – Ransomware has taken off in 2016, with attacks in the first quarter coming at quadruple the rate seen last year, according to figures from a leading security vendor.
Ransomware: Lucrative, fast growing, hard to stop – The hackers behind recent high-profile ransomware attacks on U.S. hospitals are using business methods that might be familiar to some Silicon Valley start-ups.
Ransomware Prevention
Naïve or arrogant computer users foolishly believe that they are protected from ransomware with anti-virus or firewalls, or know enough to avoid infection that could really never happen to them anyhow. However, the only way to prevent full compromise from ransomware is a combination of new cyber security, on-going breach policy/procedure education, and stringent device controls.
Overwatch® is a new service combining cyber security protection that prevents ransomware from downloading encryption keys along with a complete data breach solution and mobile device management – all for just $15.39 per user per month. For full details see: https://www.matrixforce.com/overwatch
Small and medium-sized businesses are especially easy targets for cyber attacks and largely unaware of compliance penalties. Business owners and management teams should literally take a lesson from the approach and title of the book Moneyball: The Art of Winning an Unfair Game. Because of Internet publicity, organizations can no longer ignore cyber attacks and compliance risk.
Don’t Become Easy Prey. Learn how to protect your business from data breach, cybercrime, and employee fraud with this new book featuring Kevin Fream and other cyber security experts from around the world.
