Cryptocurrencies and Ransomware: How VDI Can Help Defend Against Ransomware

Cryptocurrencies and Ransomware

The WannaCry ransomware made headlines back in May when it crippled hospitals across the UK and put organizations around the world on high alert. Even those of us lucky enough not to be infected suddenly had a new awareness of, and respect for, ransomware. But, ransomware isn’t new and, even more worrisome, it’s on the rise.

Why the increase in ransomware attacks, you ask? Are there simply more skilled hackers in the world? Probably, yes, but there’s another factor making ransomware attractive to the evil doers in the world. The rise of ransomware can be linked to the rise of cryptocurrencies.

A Brief History of Cryptocurrencies

A cryptocurrency is a digital or virtual currency that uses cryptography to secure its transactions and control the creation of additional units. The first, and arguably most popular, cryptocurrency is bitcoin. Bitcoin was released as open source software in 2009 by unknown programmers, and has since maintained its place at the top of the cryptocurrency food chain.

Unlike the dollar bill (or whatever physical currency you carry around), a cryptocurrency isn’t issued by a central authority or subject to any Government manipulation. Cryptocurrencies live outside the regulations that govern most currencies. Transactions take place between users, without an intermediary, making them completely anonymous.

That’s what makes cryptocurrencies so attractive to ransomware authors. In the past, collecting ransom was a complicated process that required resources to launder the ransomware fees. Now, anyone can easily sign up for a bitcoin wallet and anonymously trade in bitcoins.

With the rise of cryptocurrencies, ransomware became an unfortunately feasible career path for your everyday hacker. Consequently, solid corporate IT security policies became an order of magnitude more important.

The Increased Value of Security

Cryptocurrencies, and how they enable ransomware attacks, dramatically change the security calculus for corporations. Traditional hackers compromised an organization’s data. When a hack did occur, the organization’s customers and their exposed credit card numbers suffered the brunt of the attack. The organization might suffer some ill will and bad press, but business went on.

Ransomware shifts the hacker’s impact from the customer to the corporation, disabling the business and costing the company in lost revenue, in addition to the ransomware fees. Already, 2017 has seen a number of large ransomware payouts, and these are only the fees that are being reported. It’s not hard to imagine that, in some cases and against expert advice, companies are simply paying ransomware fees without reporting them, in order to minimize their losses due to down time.

No matter how many operating system updates IT applies, there will always be a hacker who can find a new way in. IT’s only option is to keep ransomware out of their corporate data center and, in the event it gets in, mitigate its effect. Thankfully, VDI is here to help.

How Can VDI Help?

VDI, or Virtual Desktop Infrastructure, is the concept of moving user’s desktops off of their desks and virtualizing them in a data center or cloud. Organizations turn to VDI for a number of reasons: VDI secures corporate data by moving it off of the user’s end points and into the data center, it provides remote access to users, and it simplifies some IT tasks related to desktop maintenance.

Thankfully, VDI can help protect you against ransomware, as well. You just need to consider how you architect your VDI solution.

Consider a fairly common VDI setup where corporate data is located on a centralized server and users are provided with non-persistent virtual machines. This configuration is ideal for minimizing the effects of Malware, but what about ransomware?

If the user browses to a malicious website and their VM becomes infected by ransomware, the ransomware encrypts the user’s profile and, more troubling, it may encrypt data found on a mapped network drive. Now, consider what happens when the user logs out of their virtual machine and that VM is deleted or reimaged. The ransomware is gone, but the user’s data is still encrypted and, with the ransomware removed, it may be impossible to unencrypt. In this VDI scenario, the only recourse is an airtight data backup and recovery scheme.

So, how can you architect VDI to protect your organization against ransomware? You build a VDI environment that gives users access to the internet without compromising your data. The key is isolation.

Ransomware originates from a malicious website, which the user may visit in a browser or access via an email. (If only we could stop users from clicking on links in emails…) Therefore, to mitigate the chance that the user’s VM or physical device is infected, isolate their applications and Web browsers. Or, said another way, move any part of your VDI environment that may expose the user to ransomware up to the cloud.

That cloud isolates, controls, and contains your most common attack vector: your end user. If you provide users with email or Web access via an application or browser that is installed on a desktop in the cloud, any ransomware or other malicious content is contained to that desktop in the cloud. Lock that desktop away from your corporate data, and delete it as soon as the user logs out or encounters a problem and the ransomware never has a chance to hold your data ransom.

With ransomware, it’s not a matter of if, but when your company falls prey. To save both money and your sanity, make sure that attack is contained in an area that doesn’t have access to your core corporate data. VDI and the cloud can help!

By Karen Gondoly

Move bot migration

MoveBot – New Data Transfer Platform

Data Transfer Platform Branded post by Movebot As cloud computing and storage continue to provide enhanced ROI to organizations, businesses are storing their data on the cloud– instead of on-premise servers. Storage migration is an ...
Jim Fagan

Behind The Headlines: Capacity For The Rest Of Us

Capacity For The Rest Of Us We live in the connected age, and the rise of cloud computing that creates previously unheard of value in our professional and personal lives is at the very heart ...
hybrid cloud management platforms

Do We Have A Right To Remote Work?

A Right To Remote Work? Remote work is the reason that most companies were able to survive during the pandemic. Whilst some of us may not enjoy working from home as it causes your work ...
Sebastian Grady

Leveraging Hybrid IT Now to Power Digital Transformation 

Leveraging Hybrid IT Summary: Cloud is a dominant force in enterprise software today. Global market turbulence is forcing some companies to accelerate moving parts of IT to the cloud sooner than expected to adapt to ...
Nvidia

Graphics Card Manufacturer Nvidia Acquisition Under Investigation

Nvidia Acquisition Under Investigation The takeover of British chip-design company Arm is being scrutinized by regulators in the U.S., the U.K., China, and now the European Commission have opened up a competition investigation into the ...

PROXY SERVICES

The CloudTweaks technology lists will include updated resources to leading services from around the globe. Examples include leading IT Monitoring Services, Bootcamps, VPNs, CDNs, Reseller Programs and much more...

  • Smartproxy

    Smartproxy

    Smartproxy is a rising star in the constantly growing proxy market. Smartproxy offers awarded customer service, impressive performance, and is serious about your anonymity (yes, cybersecurity matters). The latest features developed by Smartproxy are 30 minute long sticky sessions and Google Proxies. Rumor has it, the latter guarantee 100% success rate

  • Bright Data

    Bright Data

    Bright Data’s network is one of the most robust of its kind globally. Here are its stark advantages: Extremely stable connection for long sessions (99.99% uptime guaranteed). Free to integrate with our Proxy Manager which allows you to define custom rules for optimized results. Send unlimited concurrent requests increasing speed, cost-effectiveness, and overall efficiency.

  • Rsocks

    Rsocks

    RSocks team offers a huge amount of residential plans which were developed for plenty of tasks and, most importantly, has been proved to be quite efficient. Such variety has been created on purpose to let everyone choose a plan for a reasonable price, online, rotation and other parameters.

  • Storm Proxies

    Storm Proxies

    Storm Proxies' network is optimized for high performance and fast multi-threaded tools. You get unlimited bandwidth. No hidden costs, no limits on bandwidth. Try Storm Proxies 100% Risk Free. If you are not happy with the service email us within 24 hours of purchase and we will refund you.