BusinessEducationHomeIn the Press

Ransomware Attacks Escalate

By 22nd Feb 2016 Oct 18th, 2016 No Comments
ransomware attacks escalate

With a lot of successful attacks in 2015, it is clear hackers are not going to slow down. We have seen an increase in attacks on our customers of late, making security a bigger issue now than it has ever been before. This is in part due to lack of end-user knowledge and also in part due to out-of-date software. Anti-virus programs often DO NOT stop ransomware or if they do it is often too late. Please make sure you and the people you work with are aware of the risk and do not open attachments or links from people you don’t know.  The latest emails are especially convincing.

We’ve gathered some important points you need to know.

Browser-based data leakage

Often overlooked by security teams as a low level threat, malicious browser extensions have been a potential source of major attacks affecting more than 85% of companies.  Adware, malvertising, and even common websites or obituary columns have led to breaches for those who do not regularly update their software.  There are free programs available to clean your browser.

Old Malware wearing New Robes

The number of ransomware attacks is predicted to increase and companies and IT support needs to find new ways of combating this, or just consistently update software and unsupported hardware. When ransomware first started appearing, it would include an alarming message telling the user that his or her computer had been infected and would need to be wiped clean with a (fake) anti-virus software.  Nowadays ransomware is more likely to arrive in your inbox masquerading as a legitimate attachment or link.  Sometimes it will even look like its sent from someone in your organization or from the same domain.

Chimera Crypto-Ransomware Wants You

Late last year, researchers at Trend Micro reported on the Chimera crypto-ransomware, which encrypts files and threatens to release them to the Internet if the ransom isn’t paid. Access to the computer becomes restricted and it leads the user to believe that personal data could be spread onto the internet if they do not pay the bit-coin amount. It looks like this:

Chimera Ransomware

It was then discovered that the program could not actually access the data on your computer, however your computer does not know this, which gives the user more of an incentive to pay the bribe.

Ransom32

Already this year there have been widespread attacks. Ransom32, uses AES encryption with a 128-bit key to lock up files and extort Bitcoins from unsuspecting users. The timeline given is four days, at which point, if the payment isn’t made, the price of decryption will increase to 1 Bitcoin, or $350 according to the ransom message.

Ramsom 32

It’s only been reported on Windows machines so far. It is a new kind of ransomware where less tech savvy criminals can download the software and implant it onto other people’s machines. The criminals just have to purchase the program and the sellers just ask for a margin of the profits.

This highlights the threat of ransomware because more instances can be made by inexperienced hackers.

Locky

Locky is a ransomware that comes in the form of a Microsoft Word file ending in “.locky”. It comes in through your email acting as an invoice. Think twice before clicking as it will hijack every file on your system. If you find any of these files on your system now, you are infected, and the only cure is to rebuild your PC from scratch or pay the ransom. However, it is near impossible to trust whether the hacker will actually restore your files. This is why remote back-up and up to date security is ever so important. Locky is spreading at the rate of 4000 infections per hour. Locky ransomware is being distributed via Microsoft 365 or Outlook in the form of an Invoice email attachment (Word File that embeds vicious macro functions). It looks similar to the below:

Email Locky

The new ransomware also has the capability to encrypt your network-based backup files. So it’s time for you to keep you sensitive and important files in a third party storage as a backup plan in order to evade future ransomware infections.

What can you do about it?

These are not the only ransomware and malware threats facing us, cyber criminals are constantly building new threats to steal information. It is of utmost importance that you back-up frequently and in different ways.  Invest in threat protection, in this day and age one cannot afford to use free protection software.

We also suggest outsourcing your IT. Outsourcing is a global trend on the rise in many industries as way to reduce costs to company. Outsourcing IT and Security in SME’s increased by 10% in 2015. A move that we seriously recommend when it comes to ensuring the proficiency and security of your system.

Contact Dial a Nerd about our options with protecting your data.




Leave a Reply