Year by year ransomware and its creators are getting smarter. After every successive attack, the expert post-mortem slowly reveals scarier and more dangerous strain of an epidemic that will plague businesses, at least until the next variant appears. We in the industry are all too aware of how the devastating little snippets of code work their way into our devices, but does the average Joe? Many folks are not too aware of some of the rather infamous facts about this crippling form of cyber-attack. Here are some things about ransomware that you might not know.
It’s all about a click
Ransomware is a malware that tricks you or rather you employees, simply to click the malicious link. As single click and it will secretly start downloading into your system. The link can be quite deceptive – from the now classical – you’ve just won the lottery, to move devious social engineering. The approach may come through emails or as a security patch for the latest software. But, the ransomware trap closes quickly once the targeted enters the trap.
This malware then encrypts your data and grab your access to your system. This is cyber extortion, and the attackers do not release your data until you pay them the ransom. As we have seen, some ransomware perpetrators are open to negotiation.
Paying ransom does not guarantee you your data
But sometimes paying the ransom does not bring an end to the tragedy. This brief period of history is full double-crossing, treacherous betrayal. Even following compliance, some perpetrators have not released their ill-gotten data.
However, nowadays when ransomware has become frighteningly pervasive, the trend sees these cyber crooks becoming more honest; so to not to lose the trust of the victims. After all, trust in a transaction in paramount, even when the deal is done in Bitcoin.
A liking for Healthcare and Hospitals
During the past couple of years, the annuls have recorded the details of many ransomware attacks that have hit hard at organizations such as hospitals where data is the core asset of the business. The recent massive and the by far largest internet catastrophe WannaCry attack has also targeted NHS of Britain (here). These attacks may result in a massive loss of revenue and reputation, not to mention the risk to life.
Ransomware malware intelligently targets your most sensitive data
Ransomware malware is more of a smart tool that gets inside the system and detects the most sensitive data. The attacker then hits this data the first and locks it with an encryption that the user cannot decipher. All the victim sees is the “Oops Your Data Is Encrypted” message and the amount that the company has to pay to recover the data.
The ransom requested varies depending upon the victim’s location
Not all the time the attackers go for a hefty amount of ransom. It actually depends on the countries where the attack is targeted. If your company is based out in the USA, you are likely to be asked for more ransom than the victims of developing countries. These cyber crims have an obvious grasp of the laws of supply and demand.
The world’s largest ransomware demand has just be paid by a South Korean hosting company. The company, Nayana, after two days of negotiations, managed to reduce the ransom to 397 Bitcoins (~ $1M). Nayana agreed to pay the ransomware in three installments, and said Saturday it’s already paid two-thirds of the $1 million demand.
Bitcoin is the currency of choice for ransomware
One of the reasons why ransomware is so prolific and is spreading like wildfire is in a word, Bitcoin. The cryptocurrency makes the attack less risky with higher rewards. This is because the Bitcoin payment method is almost untraceable while the cash payment or account payment are easy to track. This is a an issue that the cryptocurrency engineers will surely have to grapple with.
Shocking news – the pandemic is likely to spread more frequently
Since the cyber criminals are remorseless, they can trigger the malware using a Trojan virus to anywhere, anytime via anyone. Seemingly, nothing can come in the way of this epidemic wave of crippling cyber extortion. Moreover, these attackers not only encrypt your data but now they steal your data to ensure you cannot retrieve the data until you pay them. So, this unstoppable and destructive cyber catastrophe is likely to speed up in the years to come.
Backup your data and save it out of sight
The best inoculation against this plague is the humble backup, but never sync this data to any of the account of your system. Due to the intelligent nature of ransomware malware, it can even reach the backup of your data if it has any link with the device under attack.
Above all, educate your users
There are plenty of vendors and MSSPs out there today that will help run drills, training sessions and exercises to better prevent users from clicking on suspicious links or inserting that innocuous looking USB drive. Your own employees can be converted from being the weakest link to the strongest line of defense. When in doubt, just don’t click!