Ransomware Alert: Big Business and the Evolution of Phising

3 min read
May 3, 2016 at 1:20 PM

Ransomware is certainly nothing new as it has been around for several years, however, it sure is gaining quite a bit of attention these days. In fact, Ransomware is gaining so much attention that on Friday, the FBI released an article discussing the fact that ransomware is on the rise, especially in the first 3 months of 2016. While that fact shouldn't surprise anyone, there are some critical facts that we can learn from the FBI article that organizations of all size should take into consideration and plan for. Before we get to those pieces, let's discuss why there has been such an uptick or surge in Ransomware attacks: stockvault-computer-code-language-with-bugs174332.jpg

  • Competition - While competition is traditionally a great thing, this might be an instance where competition is actually a problem. Cybercrime gangs, particularly in Russia and Eastern Europe, are "competing" with each other to develop the next strand of Ransomware that will lock up your system (or network). Why would they do this? First, because they can as it is a small skill set shift from the other versions of Malware they are already creating. Second, because it is a money-maker! Ransomware started out targeting consumers, and while that is still the case, they found that the real money is targeting enterprises. 
  • Ease of Use - The words that you are about to read are true and I will give them an acronym. RaaS. That stands for Ransomware as a Service. Many of these criminal entities will create a strand or variation of Ransomware and then "license" it to other cybercriminals. This allows them to use it and collect the ransoms as well as "sell" it to other organizations that want to use it. Crazy yet a somewhat genius idea as this mimics many of the ideas that startups have in this country, this is just used for the wrong reasons.
  • Cash is King - If people pay the ransom, organizations will continue to produce the Ransomware. This is about making money, not a genius kid in his parent's basement writing malicious code to mess with a company.

While those are just 3 of the reasons for a surge in Ransomware, the problem that we need to pay attention to is the different methods being use to deploy this nightmare of a scenario to people and businesses. Spam emails were the big hit and how these criminal organizations got Ransomware into the wild in such amazing quantities at a time. While this is still an effective tool and methodology, the FBI announced several new methods that they have seen used recently:

  • Spear Phishing - These are targeted emails to individuals that appear to contain legitimate links to click on or documents to open
  • Whaling - Almost the same as Spear Phishing, the key difference is that these attacks are aimed at Sr. level executives in an organization. The thought here is that they will have access to a larger part of the network based on their role, more information gets locked or held ransom, and the payout is exponentially larger
  • Websites - This is by far the most scary as this doesn't require anyone to open anything or click on a link. The criminals seed legitimate websites with malicious code that is designed to exploit and take advantage of unpatched software on the end users computer. It is essentially invisible and ultimately places the burden of responsibility on your patching methodology

As Ransomware continues to grow, it will only become more sophisticated in how it is released distributed. For that reason, Compass strongly recommends that you have a Security Risk Assessment performed that looks existing vulnerabilities on your systems, missing patches, and possible exploits. To learn more, download a copy of our Security Risk Assessment Services brochure by clicking on the link below. We have also included an infographic with some tips to prevent Ransomware. Print it out, give it to your employees, and let's band together to stop the spread of Ransomware in the wild.

New Call-to-action

 

 

Tips_to_prevent_Ransomware.png

Contact Us

Get Email Notifications

No Comments Yet

Let us know what you think