Be Ready for Ransomware

Ransomware continues to emerge as a major threat to individuals and businesses alike. Ransomware, a type of malware that encrypts data on infected systems, has become a lucrative option for cyber extortionists. When the malware runs, it locks victims’ files. The cyber criminals demand payment in return for the decryption key needed to release the files.  

You are probably well aware that ransomware is a hot topic in the news these days as attacks target all types and sizes of organizations. Small businesses are particularly vulnerable to attacks as ransomware is on the rise. Researchers identified more than 4 million samples of ransomware in Q2 of 2015, including 1.2 million new samples. That compares with fewer than 1.5 million total samples in Q3 of 2013 (400,000 new).

The rate of attacks is also on the rise. While Q1 2015 had a 165% increase in ransomware attacks from the prior quarter, the number of ransomware attacks in Q1 2016 was 300% greater than Q4 2015.

Cyber criminals distribute ransomware in a variety of ways. Protection is difficult because, just like the flu virus, ransomware constantly evolves. Between 14% and 17% of attacks in Q1 2016 were new variants, indicating that cyber criminals continue to be creative in finding new ways to do harm.

Over $325 Million was paid by businesses to recover their data in 2015. This number is expected to exceed $1.2 Billion in 2016. The real cost might be 3 times or 4 times these figures when the labor and lost productivity is added up.

You can protect your business against ransomware attacks. In our new eBook, a Business Guide to Ransomware, you will learn how malware spreads, the different types of ransomware proliferating today, and what you can do to avoid or recover from an attack. Hiding your head in the sand does not work, because today’s ransom seekers play dirty. Make sure your organization is prepared.

For a 1:1 consultation and assessment of your risk, contact us today.


Security Alert: New Malware Wipes Hard Drives to Prevent Detection

As first published on ZDnet’s Zero Day Blog, Cisco System’s Talos Group has identified a new strain of malware that will render systems useless to avoid detection and analysis.

Named as the Rombertick strain, the spyware collects data on everything a victim does online, indiscriminately, without focusing on specific areas such as online banking or social media.

Most concerning, however, is the Rombertick’s built in defenses. If the virus detects that it is being analyzed it will attempt to overwrite the Master Boot Record, rendering the PC inoperable. If that fails, the virus will destroy all files in a user’s home folder by encrypting each file with random keys.

In short, once infected, it is nearly impossible to remove without rendering you PC useless.

As Rombertick infection rates are still low, the best protection is good security practices:

  • Make sure you anti-virus software is up to date and switch to (or add) a cloud-based AV solution with continuous updates.
  • Do not click on attachments from unknown senders
  • Block email attachments that include executable scripts or code

While these steps are helpful, a defense-in-depth approach is best at identifying and preventing malware, particularly for viruses that are designed to evade detection.

If you would like to verify the robustness of your anti-virus protection, we can add a cloud-based layer of protection at no cost for a month and help you analyze your results. Contact us for additional information.

Click these links to learn more about our Webroot solutions and additional data protection and security solutions.