If you haven’t encountered it yet, you’ve heard about it: Ransomware is a type of malicious software designed to encrypt the data or block access to a computer system until a demanded sum of money is paid online. Traditionally, most ransomware thrived on unspoken trust between the cybercrime victim and the hacker, based on the assumption that the attacker will deliver on the promise of the data being released after the money is paid. To this day, most of the cybercriminals around the world have demonstrated a surprising discipline in fulfilling this promise, coupled with a relatively small amount of money that was used to be demanded: just a few hundred dollars for an average home-based consumer.
If you had ever been through a ransomware attack, you most likely had 2 outcomes: you either had a good backup of your data and you had your IT professionals restore your system, or you ended up paying up the ransom to get back to a status quo.
Ransomware world is changing
As the popularity of the ransomware in the cyberworld keeps growing, less “professional” hackers come to play that have different personal standards or the lack of experience to deliver the coding functionality to truly uphold the ransom return promise.
Here is a little recent history: in August 2015 Turkish coder Utku Sen released the source code for “Hidden Tear”, a tool with a purpose to educate general coding public and computer science students who want to understand how ransomware works, about a “ransomware-like file crypter sample which can be modified for specific purposes,” including professional testing against ransomware attacks. The released source code included a legal warning that said the tool should only be used for education, but as you may have guessed, cybercriminals don’t care about legalities.
The Hidden Tear source code was repeatedly reused by hackers to create a new version of file-encrypting ransomware to use for malicious purposes, including demanding ransom from the victims, as in the case of Ransom_Cryptear.B, designed by a Brazilian hacker to encrypt the system files to demand a $500 in return for a decryption key. Unintentionally, the author of Hidden Tear enabled malicious actors to reuse and modify the code to create a real, criminal ransomware.
So we can see a certain possibility of larger numbers of beginner hackers who are now enabled to practice and build-their-own ransomware, and it means more malicious code floating out there just waiting to be picked up by an unsuspected user.
Another threat is a possibility that beginner users may not have the skills to built proper recovery tools, potentially compromising your data. The fact that more and more actors enter the arena can also mean that some of them would not really care about upholding the previously existing “hacker standards” and would not bother to provide you with a decryption key or granting you access back to your system once they got their money.
Many IT security professionals predict a continued rise in ransomware attacks
- 70% of business victims paid the hackers to get their data back, the study found.
- Of those who paid, 50 percent paid more than $10,000 and 20 percent paid more than $40,000.
- 40% of spam emails are infected with ransomware.
Key takeaways on new ransomware threats of 2017
- Ransomware is a money-making crime, and it is only going to get bigger.
- New extortion schemes gain momentum, with expected growth in ransomware code families.
- Ransom amounts will get substantially larger for businesses.
- If you have no backup, you may never get your data back.
Basic tips on Ransomware Preparedness
Both businesses and home users should take steps to protect themselves from ransomware.
- Disable Macros: Document and email macros are a common infection point and should be disabled by default.
- Be Smart: Be cautious when opening email attachments and clicking on any links, even official-looking.
- Patch and Protect: Maintain regular software updates for all devices, including operating systems and applications.
- Purge: consider deleting applications you rarely or never use.
- Guard your privacy: keep confidential data off your systems.
- Backup Your Data: Plan and maintain regular backup routines. Ensure backups are secure, and not constantly connected or mapped to the live network. Test your backups regularly to verify their integrity and usability in case of emergency.
Does your SMB need reliable, expert Security, Data Backup and Disaster Recovery Services in New Jersey?
Call us 201-493-1414 to speak to our IT Security experts or Request a Consultation today. Let’s start a conversation to make sure your business continuity is secured.
Intelligent Business Continuity services from powersolution.com, a New Jersey local IT Security Consulting and Computer Network Support company include remote and on-site computer tech support, proactive monitoring, data backup and disaster recovery solutions, and other assets of Managed Services.