Posts Tagged :

ransomware

Ransomware: Cybercriminals are adding a new twist to their demands Ravensdale Digital

Ransomware: Cybercriminals are adding a new twist to their demands

Cybercriminals are adding a new twist to their demands

Pay the ransom or we’ll leak your data is the latest trend, warns cybersecurity company.

Cybercriminals Protection in Port Elizabeth, South Africa

Image: Emsisoft

Ransomware could be getting even nastier: a security firm is warning over a new trend among some cybercriminals to not just encrypt data, but steal some of it and use it as leverage to ensure a target pays up.

In several recent cases, it has been reported that the ransomware gang have not just encrypted data but also threatened to leak the data, too. Emsisoft says these attacks elevate the ransomware threat “to crisis level” and called on government organizations to immediately improve their security.

“If they do not, it is likely that similar incidents will also result in the extremely sensitive information which governments hold being stolen and leaked,” the cybersecurity company said.

Emsisoft said by its calculations that in 2019 across the US, ransomware attacks impacted at least 948 government agencies, educational establishments and healthcare providers at a potential cost in excess of $7.5 billion. The impacted organizations included 103 federal, state and municipal governments and agencies, 759 healthcare providers and 86 universities, colleges and school districts.

It said that the impact of ransomware included emergency patients being redirected to other hospitals, medical records made inaccessible and, in some cases, permanently lost, and emergency dispatch centres being forced to rely on printed maps and paper logs to keep track of emergency responders in the field.

Read More

 

This unusual new ransomware is going after servers Ravensdale Digital

This unusual new ransomware is going after servers

This unusual new ransomware is going after servers

PureLocker ransomware appears to have links to some of the most prolific cybercriminal operations active in the world today.

An unconventional form of ransomware is being deployed in targeted attacks against enterprise servers – and it appears to have links to some of the most notorious cyber criminal groups around.

The previously undetected server-encrypting malware has been detailed in research by cyber security analysts at Intezer and IBM X-Force, who’ve named it PureLocker because it’s written in written in the PureBasic programming language.

It’s unusual for ransomware to be written in PureBasic, but it provides benefits to attackers because sometimes security vendors struggle to generate reliable detection signatures for malicious software written in this language. PureBasic is also transferable between Windows, Linux, and OS-X, meaning attackers can more easily target different platforms.

Read More

ConnectWise warns of ongoing ransomware attacks targeting its customers Ravensdale Digital

ConnectWise warns of ongoing ransomware attacks targeting its customers

ConnectWise warns of ongoing ransomware attacks targeting its customers

ConnectWise

Image Source: ZDNet

Hackers are trying to break into on-premise ConnectWise Automate systems and install ransomware on customer networks.

ConnectWise, a Florida-based company that provides remote IT management solutions, is warning customers that hackers are targeting its software to gain access to client networks and install ransomware.

ConnectWise Automate is a software package that lets IT admins manage a company’s computer fleet and other IT assets from a central location. It’s a classic remote access/management solution that many large companies use when they have assets spread across a large number of locations.

The software is available in a cloud-based offering, but also as on-premise servers, for more secure setups.

Read More

Ransomware – Precaution is better than Paying Cash Ravensdale Digital

Ransomware – Precaution is better than Paying Cash

Ransomware – Precaution is better than Paying Cash

According to a 2017 Annual Threat Report by SonicWall, ransomware attacks have exploded in 2016. SonicWall’s Global Response Intelligence Grid saw more than 628 million ransomware attempts last year, up from the 3.8 million attempts recorded in 2015, and 3.2 million recorded in 2014. A 19% increase year-over-year is alarming, but a 165 fold increase over the course of a single year is a call for action.

As a business owner in today’s world, you are not safe from ransomware attacks. Learn how you can prevent a cyber-attack on the IT infrastructure of your business and keep data protected. Remember precaution is always better than giving ransom money to cybercriminals.

Last week’s global ransomware attack #wannacry successfully immobilized over 200,000 computers across 40 countries, including 70,000 machines and medical equipment across NHS hospitals in England and Scotland. The attack also caused large corporations to halt operations, such as the UK’s Nissan Manufacturing Plant- one of the busiest in the country, and FedEx, which later ordered all North American facilities to take any non-essential Windows devices off their networks.

The attack was thwarted late Friday afternoon by a 22-year-old in the UK, who exploited a flaw in the malware by registering a $10 domain name. It seems the malware was calling out to a specific unowned domain to carry out the attacks. Now at the start of a new work week, security experts are expecting #wannacry to make a comeback- this time it will be missing its kill switch.

Below you will find a quick summary of the different types of ransomware and how you should protect your business from future risk.

Ransomware can affect your devices in different ways, usually broken down into two sub-types, encrypting and non-encrypting.

Encrypting Ransomware

Encrypts your documents, pictures, videos and every other type of file format you have on your computer. You will need to pay a cybercriminal for a key to decrypt the system. Examples of encrypting ransomware include CryptoLocker and CryptoWall.

Non-Encrypting Ransomware

Locks your screen and prohibits you from accessing the system. You will only be able to access your computer when you pay the ransom money. WinLock is an example of non-encrypting ransomware. There are also a few non-encrypting ransomware trojans that display fake messages from law enforcement agencies to extract money from victims.

A Less Common Ransomware

Another type of ransomware is MBR (Master Boot Record) Ransomware. It strikes the MBR section of the computer’s hard drive and restricts it from booting the operating system.

Is your Business At Risk? Yes, it is.

Last week’s #wannacry attack is a great example of why no one is safe from ransomware. If your business has a computer and access to the internet, your business is at risk.

Cybercriminals attack businesses for many reasons such as:

  • Unlike individuals, business owners are assumed to have the resources to pay large amounts of money in short time periods.
  • Many business owners do not report cyber-attacks because they believe that it will damage their reputation and negatively impact their customer base.
  • Cybercriminals know business owners will look for the quickest solution if their business operations are disrupted. In most cases, this means paying the ransom.
  •  New business policies such as BYOD (Bring Your Own Device) or Remote Access File-Sharing provide flexibility to employees. But, they also offer an easy platform for cybercriminals to attack your business.
  • Business owners often ignore the security of IT infrastructure which makes the computers prone to vulnerabilities.
  • Usually, small business owners manage the IT infrastructure on their own without the help of experienced IT professionals. This leaves businesses defenceless against multiple data issues including ransomware.

How does a Ransomware affect a Computer?

  • The most common method involves using spam emails with malicious links.
  • Vulnerable software and installation of pirated/outdated software.
  • If you visit an untrusted website or a legitimate website with malicious code, it can spread ransomware.
  • If your PC is on a ransomware-affected network, it can give cybercriminals access to your data.

Precautions against Ransomware

Precaution is the best solution in a fight against ransomware! Cybercriminals take advantage of unpatched software, outdated apps, and pirated operating systems to access your system. It is best to take preventative measures against ransomware so you do not have to leave your business’ uptime in the hands of cybercriminals. Here are a few tips to help keep you safe:

  • Keep the operating system updated. Avoid using pirated versions of operating systems. Update your apps regularly. Remember that patches save you from a large number of cyber-attacks.
  • Install a robust anti-virus program and make sure that your employees update it regularly.
  • Backup your data to an external hard-drive or any other backup appliance. Cloud-based ransomware attacks have made it necessary to use a physical layer as part of your back-up strategy. Also, do not forget to back up your websites and website databases.
  • Do not login to untrusted websites and train employees to avoid trusting unknown websites.
  • Provide limited access to certain users. If a user’s PC is infected by ransomware, cybercriminals will only be able to access areas the user is allowed to. This can help mitigate risks to other devices in a different security layer.
  • Set up strong SPAM filters to block attachments such as .exe, .zip, .rar, .scr, etc. to restrict access to SPAM messages with ransomware trojans.
  • Disable macros on your entire network. Use of macros for malware attack is a very common phenomenon. You can use the new blocking feature in Office 2016 and disable it via a Group Policy or on an individual basis.

Cybercriminals are inventing new ways of attacking your business every day. It can be taxing to try and keep up with the latest security updates and best practices. That’s why many business leaders choose to hire managed IT professionals to oversee and protect their IT infrastructure. Choose a reputable company to manage your IT environments that can ensure accountability and has a proactive service model. This way, decision-makers can focus their efforts towards new business goals and drive future growth!

If you have any further question about ransomware or need technical support, Ravensdale IT is only a call away. Call  067 822 1105 and learn more about how Ravensdale IT can protect your business from ransomware attacks and many other forms of cyber-attacks.

Privacy Preferences

When you visit our website, it may store information through your browser from specific services, usually in the form of cookies. Here you can change your Privacy preferences. It is worth noting that blocking some types of cookies may impact your experience on our website and the services we are able to offer.

Click to enable/disable Google Analytics tracking code.
Click to enable/disable Google Fonts.
Click to enable/disable Google Maps.
Click to enable/disable video embeds.
Our website uses cookies, mainly from 3rd party services. Define your Privacy Preferences and/or agree to our use of cookies.