15 Jul What Are Ransomware Thieves Trying to Do to You?
Ransomware attacks are one of the fastest growing attacks on the Web. However, many businesses are either unaware this attack exists or unprepared to protect their business. That’s why it’s important to know what ransomware is, how to protect against it, and how this threat is continuously evolving.
How Ransomware Works
Ransomware is a form of malware that infects your computer and network. Once they are infected, the ransomware goes to work quickly and silently encrypting as many files as possible. After your files are encrypted, the malware locks you out of your own network.
In most cases, you’ll receive a message demanding you pay a ransom to regain access to your computer. If you don’t pay the ransom in a set amount of time, the ransom is usually doubled. In most cases, you will be required to pay in a cryptocurrency like Bitcoin to keep the transaction anonymous and untraceable.
The virus can also jump from computer to computer, effectively locking an entire business or organization out of its network.
Here’s an analogy: Imagine someone came to your business, changed all the locks on your doors, and then demanded you pay money to regain access to your own property.
In fact, in many ways ransomware is much worse. The attackers are almost never brought to justice. Most are hacking gangs that operate out of Eastern Europe and in countries like Russia and China. Even if the attackers are traced, it’s nearly impossible to extradite and prosecute these criminals.
Who Does Ransomware Target?
Often, the biggest targets are small- and medium-sized businesses (SMEs) due to their lack of security protection and inadequate training for employees on Web security.
A study from Intel Security found that 80 percent of SMEs fail to use data protection plans and less than 50 percent use secure email. That’s why SMEs need small-business IT support that protects them against the ransomware threat.
Victims also include police departments, schools and even hospitals. Recently, a Kentucky hospital had to declare a state of emergency after all of their files were locked. Another hospital in California ended up having to pay $17,500 to regain access to its system.
How Ransomware Finds Its Mark
Most ransomware targets companies and users like many other viruses: through email containing infected attachments that users unsuspectingly download. However, new versions of ransomware can also infect your networks if you visit the wrong website or click on the wrong link in a website.
A Growing Threat
The FBI has reported that ransomware has been around for a few years, but the threat has rapidly grown in just the last year. The FBI expects 2016 to be a record year for ransomware infections.
It’s not just law enforcement sending out warnings.
Kaspersky, the respected antivirus firm, has now labeled ransomware the biggest cybersecurity threat of 2016.
In fact, a recent Cyber Threat Alliance (CTO) study indicated that ransomware attacks have cost victims an estimated $325 million, with many of the targets, which include businesses and individuals, located in North America.
Encryption That Can’t Be Cracked
Ransomware can strike anywhere. A recent Time Magazine article featured a ransomware virus that locked a Tulsa, Oklahoma, firm out of its entire library of files, which included Word and Excel documents. The FBI told the law firm that there was nothing to do.
The encryption is so strong that it’s essentially impossible to break, which means if you don’t have the right data backup strategy from a managed IT service provider like Dobson Technologies, you either have to pay up or lose your files.
The Nightmare of Ransomware Is Growing
Even if you pay the ransom, there is no guarantee you get your files back, a point law enforcement likes to emphasize.
In fact, there are signs that ransomware hackers are becoming greedier. For example, a hospital in Kansas that had its systems infected with ransomware ended up paying the ransom. Instead of releasing all the data, the hackers upped the ante. They refused to release all the passkeys until the hospital paid them more money. The hospital refused, but lost key data in the process.
Beyond that, ransomware gangs are now threatening to publish a business’s data if the owners don’t pay or turn their computers into “bots” that are used for denial-of-service (DoS) attacks across the world.
A Constantly Evolving Threat
Ransomware is also constantly evolving. New versions of ransomware can detect which files might be most valuable for your business, such as payroll data, Excel spreadsheets, and financial information on customers, and attempt to encrypt these files first and foremost.
It just underlines the importance of backing up your files, putting in security safeguards, and scanning emails and websites for ransomware threats.
Other new ransomware like CryptXXX not only encrypts all of your files, but also steals Bitcoins if they’re present on your network, as well as stealing other sensitive data. Other ransomware actively steals all of your usernames and passwords before encrypting your data. Hackers can then use this information to access your company’s banking accounts, steal customer data, and participate in identity theft.