The Rise of Ransomware

Answer To Everything.png
The Manuscript.png
Holiday Photos.png
Disaster Recovery Plan.png
The Backup.png

Ransomware

IT security company KnowBe4 has issued a warning regarding a new strain of ransomware called VirRansom, which “utilizes both ransomware and parasitic virus features,” according to a statement released Monday, Dec. 8 by CEO Stu Sjouwerman. As a self-replicating program, this particular strain has the potential to lock up a company’s entire system, demanding a BitCoin payment to free the files.

Ransomware is a brazen, yet effective approach to sabotaging a company’s operations by placing all of its files under an encryption key. The organizations behind its deployment often hide their identities within the anonymity of Tor, and demand payment in trackless virtual currency.

The ease by which a ransomware virus can spread has become a troubling problem for IT managers, given the complete interconnectedness of employees, through a variety of personal and company-issued devices as well as across a networks, both internal and cloud-based.

A recent story, covered by NPR, highlighted a company that was presented with a 72-hour countdown clock, which pointed to a deadline at which its files would be encrypted. The business in question was not large – not a typical target for hackers, but was one that found itself at the mercy of extortionists due to a simple human error: a phishing email that resembled a PayPal payment notification appeared in an employee inbox, and once clicked, activated the ransom note and timer.

VirRansom CEO Sjouwerman points out that these types of attacks are very difficult for antivirus companies to keep up with. Quoted in a story at CBS News online, he suggests companies take the following steps to protect themselves in advance:

1. Test the restore function of your backups and make sure it works, and have a full set of backups offsite.

2. Start thinking about asynchronous real-time backups so you can restore files with a few mouse clicks.

3. Get rid of mapped drives and use UNC (universal naming convention) links for shared folders.

4. Look into Whitelisting software that only allows known-good executables to run.

5. Update or enforce security policy best practices, such as thorough security awareness training to prevent these types of infections to begin with because the infection vector is your end-user opening up an attachment or clicking on a link.

Rahul Kashyap, a researcher at the cybersecurity firm Bromium, adds that the programs inside ransomware viruses are getting better at locating high-value files, explaining to NPR that there is greater value in finding autocad files, for example, than regular memos.

Experts are divided as to whether ransoms should be paid, some believing this merely funds more sophisticated crime tools. However all of them agree that the best defence is an offline reproduction of everything a company needs to operate – and that means completely offline.

By Steve Prentice

Efficient Dispatch Operations with Spare Location Intelligence for DSPs

Efficient Dispatch Operations with Spare Location Intelligence for DSPs

Digitally transform operations of field technicians, design & planning team to reduce overall MTTR by 45% Most of the Digital Service Providers (DSPs) are struggling with the rising cost of repeat-dispatch and a higher Mean ...
Matthew Groves

Episode 14: NoSQL – What the Media is Saying

NoSQL and the Media NoSQL is becoming the must have for organizations needing to manage data in ways that traditional relational databases were just not designed for. What has the industry media been saying about ...
Data Web Accessibility

Data Centres Of The Future

Data Centres Of The Future As humans require more and more computing power and more and more cloud storage, we’re going to need more and more data centres. So what do the data centres of ...
Scott Leatherman

Speeding up Digital Transformation During the Pandemic – 7 Steps to Unlocking the Benefits of Cloud

7 Steps to Unlocking the Benefits of Cloud The pressure for IT leaders to support more workloads and remote staff with limited resources is as contagious as the pandemic. The most powerful tool in their ...
Kamal Maggon

Mining Business Value – Accelerating a US Company’s Cloud Transformation

Mining Business Value Traditional industries like mining have been slow to adapt to changing IP technology.  Of course, coal and other mining types have adopted new technologies starting with mechanical drills powered by pistons, then ...

TECH ELEARNING

The CloudTweaks technology lists will include updated resources to leading services from around the globe. Examples include leading IT Monitoring Services, Bootcamps, VPNs, CDNs, Reseller Programs and much more...

  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.