Business Solutions & Software Group Blog

At this stage, you don’t need us to tell you that ransomware is bad. This threat has gone from being an emerging problem to one that is now sensationalized and commonplace in headlines and news stories around the world. According to a recent study, even organizations that do pay the ransom when they get infected by this threat are playing with fire.

Ransomware is a threat that has seen exponential growth in recent years. We have witnessed it grow from a minor annoyance to a considerable global threat. Even the U.S. Justice Department has issued a declaration that they would begin investigating ransomware in much the same way that they would terrorism cases. Let’s take a look at how this policy could change the way your business should respond to these threats.

The recent hack of Colonial Pipeline has led to no shortage of problems, chief among them gasoline shortages all across the east coast of the United States. The pipeline’s operations may have been restored, but the question still remains: what could have been done to stop it, what can we learn from this incident, and what changes can we expect to see as a result?

Ransomware attacks are notorious for their expense to the victim—largely because of the various costs that come along with successful ransomware infections, including many that might not be expected at first. Let’s review some of these costs, if only to reinforce the importance of avoiding ransomware as a rule.

Around this time each year, there’s a tradition of people telling stories that have been passed down for years. We wanted to participate this year, so we’ve decided to reimagine a true holiday classic: Die Hard.

Let’s consider how the action may have played out differently if the movie’s events were to take place today…

From individuals all the way up to companies and governments, ransomware has been causing no small amount of stress for some years now. Let’s take a few moments to discuss this threat, what you can do about it, and how seriously the government is taking ransomware.

Ransomware has become a favorite attack vector for hackers - after all, for them, it’s pretty much a no loss game. They either get paid, or they move on to their next target. Unfortunately, cyberattackers that dispatch ransomware often do get paid, and these payments can sometimes come from a surprising source: cybersecurity firms.

Ransomware hasn’t let up. It is important to understand that any organization, of any kind, is a potential target of a ransomware attack - and yes, this includes municipalities. In fact, since 2013, over 170 government systems at the county, city, or state levels have been attacked.

By now everyone knows about ransomware, the dastardly strand of malware that encrypts data (or the drives it’s stored on) and sends the user a message demanding payment in a certain amount of time before the data is deleted forever. To add a little more menace to an already stressful situation, the message includes a countdown clock. If it sounds like a bad situation, rest assured it is. How could it get worse you ask? Simple, make it more difficult to stop.

If you were a cybercriminal, what would be your preferred method of launching a ransomware attack? Would you rather create a catch-all threat that could capture as many potential victims as possible, or a calculated approach to land a big one? Despite the proven results of larger ransomware initiatives, most cybercriminals have made the shift to smaller, more targeted attacks against specific companies, and in some cases, individuals.

In yet another widespread ransomware attack, Eastern European countries saw an assortment of their critical establishments and infrastructures struck by an infection known as Bad Rabbit. Government buildings, media establishments, and transportation centers were among the targets of this attack.

The Internet is a vast place filled to the brim with threats, especially for businesses that need to preserve the integrity of their infrastructure and keep critical data safe. The Cisco 2017 Annual Cybersecurity Report states that ransomware is growing at a yearly rate of 350%, which is a considerable number to say the least. Here are five tips that can help you keep your business safe from ransomware infections.

Ransomware, the malware that locks down its victim’s files until they pay up, has always been a frustrating issue to deal with. However, a recent mobile ransomware will make the issue a little more personal… by sharing the victim’s mobile browsing history.

Ransomware remains a very real threat, and is arguably only getting worse. Attacks are now able to come more frequently, and there are opportunities for even relative amateurs to level an attack against some unfortunate victim. However, this is not to say that there is nothing you can do to keep your business from becoming another cautionary tale.

2016 was quite the year for cybersecurity and the assorted issues, threats, and concerns associated with it. As 2017 rolls along, we may be able to anticipate what this year might bring by reflecting on the events of the last.

Ransomware might be a relatively new player in the battle for the Internet, but its short history shouldn’t belittle the damage that it can do to both businesses and users of personal computers. Perhaps you’ve had the misfortune to encounter it for yourself, and your files were locked down because of it. Regardless, ransomware is now a prevalent part of the online crime scene, and people are using it to extort money from innocent users, making it a considerable threat.

First hackers created a formidable ransomware. Then, when word got out about how to avoid this ransomware, they began to bundle a second ransomware to create an encryption catch-22. Now, the developers of the Petya and Mischa ransomware have adopted a Ransomware-as-a-Service model and have opened their nefarious malware up to distribution.

Ransomware is so common in the world of online threats that even the FBI has labeled it a massive threat to businesses of all kinds. Unlike other types of malware, ransomware has a unique return on investment that’s measurable and highly lucrative for hackers. A new variant of ransomware called Maktub Locker lures victims into a false sense of security by tailoring phishing emails to match their street address.

Ransomware is a major problem in both the personal and private sectors of computing, but up until very recently, Apple users had little to fear from potential ransomware hacks. Security researchers at Palo Alto Networks have discovered what’s known to be the first completed ransomware on an Apple device. The threat, called KeRanger, is officially “in the wild,” and is a danger to any Mac user.

KeRanger is the first-ever completed ransomware that specifically targets the OS X operating system. In 2014, Kaspersky Labs found an incomplete form of ransomware for Mac, but it wasn’t a viable threat at the time. Now, however, KeRanger is free to usher in a host of more dangerous threats that could target Apple’s coveted operating systems.

This ransomware is spread through a torrenting software called Transmission. Torrenting is a type of software designed to share large files. It’s most widely used to distribute pirated content, like copyrighted films, tv shows, music, and more.

The KeRanger threat as explained by CNet:

If a user installed one of the infected versions of Transmission, an executable file embedded within the software would run on the system. At first, there'd be no sign of a problem. But after three days, KeRanger would connect with servers over the anonymous Tor network and begin encrypting certain files on the Mac's system.

Researchers claim that KeRanger is still under development, but it’s also trying to find a way to encrypt the victim’s backup data. If this happens, users will have virtually no chance of getting their data back without paying the dreaded ransom. Consider how important of a precedent this sets for ransomware; if a ransomware is capable of encrypting not just the files on your local PC, but also the files on your network and your backup files, it could become the most dangerous threat on the Internet.

To counteract this threat, Apple has revoked the security certificate that KeRanger exploits, and has updated its XProtect antivirus software. Transmission has also removed the infected version of its installer, so those who download the client won’t get the ransomware. However, those who have installed Transmission sometime between March 4th and 5th may be affected by KeRanger. If you want detailed instructions on how to identify if you’ve been targeted by KeRanger, and to learn how to best protect yourself from it, you can visit Palo Alto Networks’ site.

Most ransomware makes it borderline impossible to decrypt your files on your own. This is how hackers extort money from users. They play off of the irrational actions caused by fear. This is why it’s so important to protect your business’s assets from ransomware, before you fall prey to it. Implementing a solid security solution is a great way to do so, and you should generally avoid torrenting files in the office anyway. Also, it’s especially important that your employees understand security best practices when browsing the Internet.

The most obvious and important course of action to remember is that your business needs to protect its assets from ransomware, before you get infected. To make sure that your network is protected from ransomware, give Business Solutions & Software Group a call at (954) 575-3992.

Today’s various versions of ransomware are dangerous. By forcibly locking down important files on a victim’s computer, threats like CryptoLocker and CryptoWall are posing significant threats to both businesses and ordinary computer users. However, a new type of ransomware has appeared called CryptoJoker; and we assure you, there’s nothing funny at all about this one.