Pro tip for 2018: treat the ransomware threat like an imminent hard drive failure

Filip TRUȚĂ

January 26, 2018

With the General Data Protection Regulation knocking on everyone’s door, breaches will have to be taken more seriously than ever. At the same time, new data indicates that ransomware attacks are rising steeply, which means neither organizations nor regular users can afford to sit around with their arms crossed.

Ransomware attacks doubled in 2017, and were the primary driver of an overall increase in total incidents, according to the latest Cyber Incident & Breach Trends Report from the Online Trust Alliance.

Reported cyber incidents targeting businesses also nearly doubled (from 82,000 in 2016 to 159,700 in 2017). However, since many cyberattacks are never reported, the alliance believes the actual number could be much higher.

Attacks seeking ransom accounted for half of all reported incidents. These included malware-laced phishing attacks, malvertising, drive-by malware, and even a new form of ransomware combined with denial of service (RDoS), where the attacker threatens to attack via denial-of-service if ransom is not paid.

In any case, ransomware has become a massive problem. From the massive WannaCry and Petya/GoldenEye contagions in 2017 to the more recent highly-targeted attacks hitting healthcare providers one after another, everyone is now a blip on cybercrooks’ radar.

Bitdefender predicts that ransomware will become more advanced and more sophisticated in 2018, potentially even using the GPU in your computer to speed up the encryption process. And ransomware-as-a-service platforms will make the threat even more accessible to one-off hackers, boosting the volume and complexity of ransomware samples to emerge this year.

But the real reason ransomware poses such a problem for everyone is its anatomy.

Why is ransomware so popular?

Ransomware is a highly efficient, highly lucrative form of malware. Three major drivers have propelled it to its sudden infamy:

  1. Ransomware can infect a computer through an array of attack vectors – from social engineering and spam to drive-by attacks, rigged popular applications, vulnerabilities, and malvertising – and render all data on that machine unusable.
  2. Until recently, you had to know code to hack someone; today, anyone can go to the Dark Web, buy the ransomware of their choosing, and attack.
  3. The anatomy of ransomware ensures that the damage produced is substantial while the attacker can remain completely anonymous, whether you pay him or not.

How to mitigate risk?

According to the same report, some 93 percent of all breaches could have been avoided had simple steps been taken. These can include:

  • regularly update software
  • block fake email messages using email authentication
  • train people to recognize phishing attacks
  • use browser-based scanning for malware
  • limit administrative access to data to contain the spread of an infection
  • use DDoS protection services to limit the impact of an attack

For large businesses, OTA makes the following recommendation:

“…since some organizations may determine that paying a ransom is the necessary course of action for a given incident, and Bitcoin is the most common form of payment request, it is recommended that organizations set up a Bitcoin wallet in advance. This type of proactive planning is not unlike establishing relationships in advance with crisis management firms, forensics specialists and law enforcement – it is easier to make logical, informed decisions during the calm than it is during the storm.”

However, most cybersecurity experts agree that victims should refrain from paying the ransom, as payment encourages criminals to strike again, and gives rise to new legions of hackers. Some law enforcement agencies advise the same.

At the same time, those same agencies (including the FBI) agree that sometimes the damage from lost data can be so large that it’s better to just pay and hope that the hackers stick to their end of the bargain – decrypt the data. But…

What if I don’t want to pay the ransom?

Since your data is inaccessible and unusable, getting infected with ransomware is the same as having your hard drive fail on you. And, make no mistake, hard drives do fail eventually!

“Viewing ransomware as an imminent hard drive failure points toward the simplest measure you can take: keep regular, offline backups of your important data,” says Bogdan Botezatu, senior e-threat analyst, Bitdefender. “This way, even if you get infected, you can always recover your important data, whether it’s photos of your cat, or millions of dollars’ worth of intellectual property.”

For more peace of mind, use a trusted antivirus solution. Bitdefender offers ransomware protection that sniffs out suspicious behavior before you can make a mistake and get infected. It is particularly paranoid about the security of your Documents folder or any other folder you deem highly sensitive, but it also keeps a close check on all files on your system. For Mac users, Bitdefender offers Time Machine backup protection – to make sure ransomware and attackers can’t touch your backups.
