Skip to main content

Ransomware is now your biggest online security nightmare. And it's about to get worse


Ransomware is rapidly shaping up to be the defining online security issue of our era. It’s a brutally simple idea, executed with increasing sophistication by criminal groups. A huge chunk of our lives is now stored digitally, whether that’s photos, videos, business plans or customer databases. But too many of us have been lazy about securing these vital assets. The criminals’ brilliant twist is to realise they don’t have to steal that data to make money: they just have to make it impossible access again — by encrypting it — unless the victims pay up.
Ransomware was once a menace mainly for consumers, but now it’s a significant threat to business. Just last week, there were warnings about a new wave of ransomware attacks against at least 31 large organisations with the aim of demanding millions of dollars in ransom. The attackers had breached the networks of targeted organizations and were in the process of laying the groundwork for their attacks.
The vast majority of targets were household names, including eight Fortune 500 companies, tech security company Symantec said: if the attack (by a group calling itself Evil Corp) hadn’t been disrupted, it could have led to millions in damages and downtime, with the impact felt through the supply chain.
Some of the hyperbole around ransomware is overblown. It’s probably over the top to describe these WastedLocker attacks as part of Evil Corp’s retaliation against the US government after its leaders were indicted by the Justice Department in December — which is how The New York Times interpreted them. (Indeed, others have argued that the gang is actually trying to attract less attention right now, which is why, so far, it has not threatened to publish information stolen from its victims.)
But it’s also true that these groups are smart, sophisticated and, because around half of companies pay the ransoms, very well funded.
For example the group behind it have access to highly skilled exploit and software developers’ capable of bypassing network defences on all different levels, according to researchers.
How skilled? When a version of their malware is spotted by the defences on victim networks, the group is often back with an undetectable version after just a short time.
In one case the group went so far as to pose as a potential customer to request a trial licence for a security product that was not commonly available, says FOX-IT, part of NCC Group.
The targets of the ransomware gangs have evolved, too. It’s not just about PCs anymore; these gangs want to go after the really irreplaceable business assets too, which means file servers, database services, virtual machines and cloud environments. They’ll also search out and encrypt any backups that organisations foolishly leave connected to the network. All of this makes it much harder for victims to recover — unless of course they want to pay that ransom. And the attackers seem willing to take a longer view too; some of these attacks can take weeks or longer to go from the initial minor breach of network security through to complete control of the victim’s corporate network.
Police forces, lacking officers trained in high-tech crime, are loath to investigate knowing that the perpetrators will be far from their jurisdiction and impossible to catch. Many businesses would rather pay up, return to business as usual and forget about the cost and the stress of the whole thing.
It’s quite possible that ransomware will form the core of a new type of a digital attack, used by nation states and others who simply want to destroy networks. Wiper malware is ransomware whose encryption can’t be reversed, so the data is lost forever. There have been a few of these incidents, but the fear is they could become more mainstream.
Another concern is that, as they become more confident and better funded, these criminal groups will raise their sights even higher. One new worrying trend is that gangs will steal the data as well as encrypting the network. They then threaten to leak the data as a means of pressuring the victim into paying up.
These cyber-criminals often spend weeks poking around in a network before they make their attack, which means they have time to understand key digital assets, like the CEO’s emails for example, allowing them to put even more pressure on their victims.
There’s no obvious end to the ransomware nightmare in sight. Indeed, the likelihood is it will get even worse.

Originally published at https://www.zdnet.com 

Comments

Post a Comment

Popular posts from this blog

Facebook updates iOS app to fix issues that let the camera open in the background

The issues were first reported this month This month, some users of Facebook’s iOS app  found that  that, in at least two situations, the app appeared to be activating the camera in the background without a user’s knowledge. Facebook said yesterday that it was submitting fixes for the issues to Apple, and the company tells us that, as of this morning, the updated app is now available for download on the App Store. I’ve downloaded the update to my iPhone 11 Pro, and I can’t get the camera to accidentally activate in either of the scenarios that were reported — but I also couldn’t get it to activate yesterday, so I can’t personally confirm that the issues are fixed. But if we take Facebook at its word that everything is resolved, it’s nice to see that the company acted quickly. Article reference:  https://www.theverge.com/2019/11/13/20963791/facebook-issue-fix-camera-open-background-update-ios-app-store
Post a Comment
Read more

WhatsApp Users Exchanged Over 100 Billion Messages on New Year’s Eve, A New Record

WhatsApp is one of the most widely used communication apps on the planet and as such, clocks an insane number of messages and media exchanges on a daily basis. But the New Year's Eve broke a record that has been standing since WhatsApp's debut a decade ago. WhatsApp has revealed that users exchanged over 100 billion messages on New Year's eve. And out of that number, more than 20 billion messages were shared by Indian users alone. Moreover, around 12 billion out of the 100 billion+ messages shared on the platform were images. WhatsApp wrote in a press release that over 100 billion messages were shared globally on December 31 in the 24-hour duration leading up to the midnight of New Year's Eve. This is a record-breaking volume and is the highest number of messages exchanged in a single day ever since WhatsApp kicked off its services ten years ago. Out of those 100 billion+ messages shared on New Year's eve, WhatsApp says over 12 billion were images. Meanwhile...
Post a Comment
Read more

Lebanese Protesters Are Using This ‘Bridgefy’ Messaging App - What is it?

Bridgefy is an offline messaging app that lets you communicate with friends and family when you don't have access to the Internet, by simply turning on your Bluetooth antenna. Due to WhatsApp outage and the poor internet services, a new offline messaging app known as Bridgefy has started to gain traction among Lebanese protesters. The people are recommending using this app in case there is a shutdown of internet services. Did you know that: 1 billion people aren’t covered by 3G or 4G networks. 3.3 billion people live in areas where the mobile Internet can be accessed but remain without a mobile Internet subscription. 1 billion people own a smartphone but don’t own a data plan. 40% of the world population is forecast to remain unconnected by 2025. These numbers represent huge amounts of potential users that aren’t being reached by mobile apps. Bridgefy keeps your app working even when people do not have access to the Internet. T...
Post a Comment
Read more