The Evolution of Ransomware Leaves No Room to Hide
Ransomware attacks have always been detrimental. This new evolution, however, is making it difficult for victims to hide the severity of the damage. Data is no longer simply encrypted and held for ransom. It’s also copied and sent to the criminal for them to do as they please. And their usual route is to publish the stolen information.
The city of Torrance, CA, part of Los Angeles county, was recently hit with an attack that demanded 100 bitcoin (Around $689,000 depending on the exchange rate of the day.) The attackers also published that data and would only take it down if the ransom was paid.
Similarly, the Solution provider Cognizant was attacked. This not only left their systems compromised, but also some of their customers. A refusal of the company to pay the ransom would certainly lead to the publishing of everything stolen.
Before this new wave of ransomware, many affected entities refused to disclose the severity of the incursion. PC Matic CEO, Rob Cheng, has always been a strong advocate for accountability in ransomware attacks.
He believes that accountability, listing the severity of the attack, the name of the ransomware strain, and the security solutions in place when it happened to name a few, are all part of a larger picture. By having all the data available, it is easier to solve the problem of why it happened in the first place.
But victims rarely have been transparent in their information. There’s a stigma attached to ransomware victims that they weren’t diligent enough or didn’t have enough security measures in place. In many cases, that’s true. But to really get to the bottom of the breach, all the information regarding it needs to be available.
Fighting ransomware is an every day battle. With the increase of employees working from home, data protection is more necessary that ever. Employee education, whitelist protection, and RDP security should be at the top of everyone’s list to keep their networks safe.
In addition, we recommend continuing to have data back up and recovery for files. Not all attackers are using these more sophisticated methods. Keeping your data backed up and protected is still a solid part of any defense plan.
Ultimately, ransomware is all our responsibility. Taking precautions, education yourself, and increase your security.
Please view the recording of our webinar on How To Spot The New Wave of Phishing Attacks by clicking here.
2,213 total views, 5 views today