Gavin Livingstone, Bryley Systems Inc.
Ransomware continues to grow at a rapid pace:
- The FBI received over 2,400 Ransomware complaints in 2015
- There was a 30% increase in Ransomware cases in Q1-20161
- Ransomware infections in April 2016 more than doubled2
The most-popular variants and their distribution methods:
- CryptoWall – Distributed through ZIP attachments on email files
- Samas – Propagates on vulnerable web servers
Why it is so attractive to cyber-criminals:
- There is a direct path to immediate payment from the recipient (versus other, riskier, cyber-crime methods that require selling something, i.e.: credit-card information, to unknown parties that might be law enforcement)
- It is easily spread through phishing (and now, vulnerable web servers)
- The technology is constantly improving
- Anyone and everyone is a target
- Temporary or permanent loss of sensitive files and information
- Significant disruption to daily operations during recovery
- Financial impact to restore (or re-enter) encrypted files
- Possible harm to the organization’s reputation
A few of the best defenses:
- Backup your files at least daily and store these backups at a remote location3
- Keep anti-virus/anti-malware software and operating systems up-to-date
- Do not click on Web-links on an email or a website
- Whitelist desired applications; blacklist all others
- Restrict end-user access and permissions
1Please see “Q1 2016 saw a Record High for Ransomware” by Larry Loeb of Security Intelligence on May 24, 2016.
2Please visit “April 2016 was the Worst Month for Ransomware on Record in the US” by GoldSparrow in Computer Security articles at Enigma Software.
3Go to “Ransomware and Recent Variants” published by the US Computer Emergency Readiness Team (US-CERT) on March 31, 2016.
4Visit “More Ransomware – Jeez I’m getting sick of this topic!” in the May 2016 edition of Bryley Information and Tips (BITs).