Pro IT Services: Professional - Proactive - Proficient

PG&E Public Safety Power Shutoff is scheduled for Wednesday, October 9th at 4 AM for much of Northern California. For planning purposes, PG&E suggests customers prepare for outages that could last several days. Please take appropriate actions to ensure the safety of your systems if you are in a targeted shutdown area. See if your area is affected here...

Prepare Now or Pay Later: More Ransomware Attacks in the News

April 7th, 2016 by admin

Silhouette of a running man carrying a giant 1 Euro coin, against a blue digital cityscape

We're only a few months into 2016, but we've already seen two high-profile ransomware attacks—where cyber-crooks heavily encrypt a victim's computer files before demanding payment for a decryption key only they can provide. Two notable incidents grabbed headlines:

  • In January, Israel's Electricity Authority was hit by what officials termed "a severe cyber attack." What early media reports described as a possible terrorist plot to knock out Israel's national power grid turned out to be a multiple ransomware infection that crippled the agency's IT network—most likely triggered by an employee falling for a phishing scam (as little as clicking a link in a bogus email). The Israeli government didn't reveal whether they'd paid off the crooks in order to restore the network.
  • Closer to home, one month later Hollywood Presbyterian Medical Center in Southern California gave in to hackers' demands for 40 Bitcoins—a little under $17,000—to restore access to their ransomware-encrypted network. With patient care potentially in the balance, the hospital decided the quickest solution would be to simply pay the ransom.

Pay or Don't Pay: Where Do You Stand?

A recent study from anti-virus maker Bitdefender indicates that over half of all U.S. ransomware victims have actually paid off their attackers, while 40% of respondents said they most likely would pay to restore access to their data files if necessary.

This leads us back to the central ransomware conundrum: To pay or not to pay.

As we recently discussed, the FBI considers their hands tied against ransomware attacks (almost all are suspected to be launched from Eastern Europe) and shockingly recommends victims simply cough up the Bitcoins. But there are still very logical reasons why paying off cyber-extortionists is never a wise idea:

  • You're an instant patsy. A quick ransom payment indicates you'll give in without a fight—an ideal victim. Expect your attackers to remember that when they run low on cash—or share that knowledge with other cyber-gangs looking for their next "easy mark."
  • The demands will grow bigger. Think of ransomware attacks in terms of simple economics—the "seller" charges what the market will bear. Today's most lethal strain of ransomware, CryptoWall 4.0, currently charges victims a standard flat rate of 1.83 Bitcoin ($700). If most readily paid $700 for their precious data today, why wouldn't they pay $900 tomorrow—or even more?

Protect Your Company Now

  • Back up your entire network regularly. Most ransomware will seek out external backup drives (connected to a computer via a USB port) and infect those files as well—unplug the drive after every manual backup.
  • Make sure all software is fully updated and patched. Ransomware and other viruses seek out vulnerabilities in all common office apps.

The middle of a robbery is too late to create your anti-robbery plan! Contact us to help design and implement your company's strategy against ransomware and other emerging cyber-threats.

Tags: backup, Backup Solution, cyber security, ransomware, security threats, security

Posted in: Backup, Security, Knowledge

Categories

Archives