The Rise of Ransomware

Ransomware

IT security company KnowBe4 has issued a warning regarding a new strain of ransomware called VirRansom, which “utilizes both ransomware and parasitic virus features,” according to a statement released Monday, Dec. 8 by CEO Stu Sjouwerman. As a self-replicating program, this particular strain has the potential to lock up a company’s entire system, demanding a BitCoin payment to free the files.

Ransomware is a brazen, yet effective approach to sabotaging a company’s operations by placing all of its files under an encryption key. The organizations behind its deployment often hide their identities within the anonymity of Tor, and demand payment in trackless virtual currency.

The ease by which a ransomware virus can spread has become a troubling problem for IT managers, given the complete interconnectedness of employees, through a variety of personal and company-issued devices as well as across a networks, both internal and cloud-based.

A recent story, covered by NPR, highlighted a company that was presented with a 72-hour countdown clock, which pointed to a deadline at which its files would be encrypted. The business in question was not large – not a typical target for hackers, but was one that found itself at the mercy of extortionists due to a simple human error: a phishing email that resembled a PayPal payment notification appeared in an employee inbox, and once clicked, activated the ransom note and timer.

VirRansom CEO Sjouwerman points out that these types of attacks are very difficult for antivirus companies to keep up with. Quoted in a story at CBS News online, he suggests companies take the following steps to protect themselves in advance:

1. Test the restore function of your backups and make sure it works, and have a full set of backups offsite.

2. Start thinking about asynchronous real-time backups so you can restore files with a few mouse clicks.

3. Get rid of mapped drives and use UNC (universal naming convention) links for shared folders.

4. Look into Whitelisting software that only allows known-good executables to run.

5. Update or enforce security policy best practices, such as thorough security awareness training to prevent these types of infections to begin with because the infection vector is your end-user opening up an attachment or clicking on a link.

Rahul Kashyap, a researcher at the cybersecurity firm Bromium, adds that the programs inside ransomware viruses are getting better at locating high-value files, explaining to NPR that there is greater value in finding autocad files, for example, than regular memos.

Experts are divided as to whether ransoms should be paid, some believing this merely funds more sophisticated crime tools. However all of them agree that the best defence is an offline reproduction of everything a company needs to operate – and that means completely offline.

By Steve Prentice

Fahim Kahn

The 5 Biggest Hybrid Cloud Management Challenges—And How to Overcome Them

Hybrid Cloud Management Challenges The benefits of the cloud—reduced costs, greater IT flexibility, and more—are well-established. But now many organizations are moving to hybrid cloud management platforms. While hybrid clouds do offer a greater level ...
Atman Rathod

How APIs and Machine Learning are Evolving? 

Machine Learning Continues to Make API Development Better  For any developer, API or Application Programming Interfaces come as the helpful components to add valuable features and functionalities with the app they develop. API in many ...
David Gevorkian

Why Web Accessibility is Important and How to Avoid Lawsuits

Why Web Accessibility is Important In today’s digitally driven world, those with disabilities are normally the ones experiencing difficulties when using and navigating the web. This is the prime reason why web accessibility is conceived ...
Chandani Patel Volansys

Pillars of AWS Well-Architected Framework

Well-Architected Framework Cloud computing is proliferating each passing year denoting that there are plenty of opportunities. Creating a cloud solution calls for a strong architecture if the foundation is not solid then the solution faces ...
Robert Van Der Meulen

Focusing on Online Gaming Security During Development

Online Gaming Security Infrastructure Updated article: June 2nd, 2020 There are millions of gamers around the globe and as of 2018, video games generated sales of US$134.9 billion annually worldwide. As video games continue to ...
Alex Brisbourne

Industrial IoT Cyberattacks Continue To Rise

IoT Industrial Security The Internet of Things (IoT) includes both traditional electronics and everyday ‘things’ embedded with sensors, computing, and networking capabilities. From smart coffee makers and smart homes to smart lighting and smart cities, ...