Skip to main content
News

Ransomware Attacks Escalate

By 22nd Feb 2016Feb 12th, 2021No Comments
ransomware attacks escalate

With a lot of successful attacks in 2015, it is clear hackers are not going to slow down. We have seen an increase in attacks on our customers of late, making security a bigger issue now than it has ever been before. This is in part due to lack of end-user knowledge and also in part due to out-of-date software. Anti-virus programs often DO NOT stop ransomware or if they do it is often too late. Please make sure you and the people you work with are aware of the risk and do not open attachments or links from people you don’t know.  The latest emails are especially convincing.

We’ve gathered some important points you need to know.

Browser-based data leakage

Often overlooked by security teams as a low-level threat, malicious browser extensions have been a potential source of major attacks affecting more than 85% of companies.  Adware, malvertising, and even common websites or obituary columns have led to breaches for those who do not regularly update their software.  There are free programs available to clean your browser.

Old Malware wearing New Robes

The number of ransomware attacks is predicted to increase and companies and IT support need to find new ways of combating this or just consistently update software and unsupported hardware. When ransomware first started appearing, it would include an alarming message telling the user that his or her computer had been infected and would need to be wiped clean with a (fake) anti-virus software.  Nowadays ransomware is more likely to arrive in your inbox masquerading as a legitimate attachment or link.  Sometimes it will even look like its sent from someone in your organization or the same domain.

Chimera Crypto-Ransomware Wants You

Late last year, researchers at Trend Micro reported on the Chimera crypto-ransomware, which encrypts files and threatens to release them to the Internet if the ransom isn’t paid. Access to the computer becomes restricted and it leads the user to believe that personal data could be spread onto the internet if they do not pay the bitcoin amount.

It was then discovered that the program could not actually access the data on your computer, however, your computer does not know this, which gives the user more of an incentive to pay the bribe.

Ransom32

Already this year there have been widespread attacks. Ransom32 uses AES encryption with a 128-bit key to lock up files and extort Bitcoins from unsuspecting users. The timeline given is four days, at which point if the payment isn’t made, the price of decryption will increase to 1 Bitcoin, or $350 according to the ransom message.

It’s only been reported on Windows machines so far. It is a new kind of ransomware where less tech-savvy criminals can download the software and implant it onto other people’s machines. The criminals just have to purchase the program and the sellers just ask for a margin of the profits.

This highlights the threat of ransomware because more instances can be made by inexperienced hackers.

Locky

Locky is a ransomware that comes in the form of a Microsoft Word file ending in “.locky”. It comes in through your email acting as an invoice. Think twice before clicking as it will hijack every file on your system. If you find any of these files on your system now, you are infected, and the only cure is to rebuild your PC from scratch or pay the ransom. However, it is near impossible to trust whether the hacker will actually restore your files. This is why remote back-up and up to date security is ever so important. Locky is spreading at the rate of 4000 infections per hour. Locky ransomware is being distributed via Microsoft 365 or Outlook in the form of an Invoice email attachment (Word File that embeds vicious macro functions).

The new ransomware also has the capability to encrypt your network-based backup files. So it’s time for you to keep you sensitive and important files in third party storage as a backup plan to evade future ransomware infections.

What can you do about it?

These are not the only ransomware and malware threats facing us, cybercriminals are constantly building new threats to steal information. It is of utmost importance that you back-up frequently and in different ways.  Invest in threat protection, in this day and age one cannot afford to use free protection software.

We also suggest outsourcing your IT. Outsourcing is a global trend on the rise in many industries as a way to reduce costs to the company. Outsourcing IT and Security in SME’s increased by 10% in 2015. A move that we seriously recommend when it comes to ensuring the proficiency and security of your system.

Contact Dial a Nerd about our options for protecting your data.

Leave a Reply