Ransomware on the Increase
Are you prepared?
Ransomware is not a sequel anyone would want to see at the door again. It is a predator on the increase. And 80% of those vulnerable are unprepared.
Ransomware has become the favorite attack of cyber-criminals for 2016. The statistics show that from minimal use in 2010-2012, the increase over the three following years has grown to over 65% of new families of crypto ransomware identified.
Be prepared: 1) Security Software; 2) Security Device; 3) Strong Passwords; 4) Safe Backup. Check the details or call 626-461-1300. Once attacked, solutions are extremely rare; the best path is to avoid.
Your choices, if you have been attacked, are to either pay the ransom to get your data back or lose your data. Both are unpleasant choices. “But couldn’t you restore your data from a backup?” Yes. That’s a good option for those who have a backup. Amazingly, more than 80% do not have even this simple precaution. Do you?
One form of ransomware, Petya ransomware encryption system, has been cracked, or unlocked. That is, one unidentified programmer produced a tool – which he shared on code-sharing site Github – that allowed him to help his father-in-law unlock his Petya-encrypted computer. Can you guess how many others will not be aware of this lone key generator? Or how long it will take for cyber-criminals to avoid the same?
But that one sliver of solution faces the recent announcement that Adobe Flash Player has a vulnerability that has been exploited to deliver ransomware. Billions of customers have been urged to apply an emergency update. Software malware provider, Malwarebytes offers protection from the Adobe vulnerability.
For home users, the simplest of disaster recovery plans would start with a full back up of the data you would not want to lose: photos, documents, videos, financial information, whatever you have that could not be re-installed (software) or downloaded again from the original source (Internet).
There are good software protections available (Malwarebytes) and inexpensive security devices (Firewall). These, while representing a cost to implement, can keep the cyber-criminal away. And with all the talk about security issues, breaches, hackers, data loss, you’d think that saying, “Make sure you have a strong password,” would be unnecessary. It isn’t! Numbers, letters (upper & lower case) and characters (!@#._-) help to create a strong password from 8-16 characters in length. Please. Nothing shorter than 8. Another help, we are told, is a separate Administrator account.
What does the FBI, the nation’s top law enforcement agency, say about dealing with ransomware types of attacks? “Just pay the ransom.” “The ransomware is that good,” said Joseph Bonavolonta, the Assistant Special Agent in Charge of the FBI’s CYBER and Counterintelligence Program in its Boston office. “To be honest, we often advise people just to pay the ransom.”
The LA Times reported that Hollywood Presbyterian Medical Center paid $17,000 in cyber-ransom in February of this year. February 5 they network of the medical center became infected with malware that shut down their communication. So they paid the ransom.
Respected security firm, Trend Micro reported that there is a new malicious software being offered to would be cyber-criminals. Ransomware-as-a-Service, a program called Ransom32, uses AES encryption with a 128-bit key to lock files. Given four days, if payment isn’t made the price of decryption increases by 1 Bitcoin or about $425. The bitcoin allows for international ransom to be extorted. Ransom32 allows the less tech-savvy cybercriminal to purchase from developers a ready made crime package.
As with most cyber-attacks, “people are considered the weakest link. They are also both the most abundant resource and the most susceptible target,” said James Scott, Institute for Critical Infrastructure Technology.
In order to protect computers and data from attacks like these, businesses and personal device users should first educate themselves about the malicious programs that are out there – and then invest in threat protection solutions that can make a difference in the level of protection these personal and business machines have. – Trend Micro
Contact Alliant today for more information. 626-461-1300.
Chart From LA Times Article quoted above