Our Blog

 Lock and Key

 

In today’s digital world, where major personal and business activities are technology-enabled, cybercrime emerges as an inevitable reality. Cyber crooks are persistently working towards finding formulas which make specific files unusable. Today, ransomware is often delivered through fake Google Chrome and Facebook emails, as well as being tied to PayPal phishing campaigns. These attacks have cost USD $1 billion so far in 2016, with the figure set to rise. 

People who use Google Chrome on their phones may receive browser upgrade notifications. When the recipients click on the link attached to the email they are directed to ransomware. Ransomware also uses the Google Chrome icon in such a way that recipients are easily fooled into thinking it is an installer package.

According to the recent research, ransomware has bypassed controls in certain places, while posing as a growing threat in the cyber world. Unlike other cyber attacks, ransomware attacks are not about data exfiltration. Ransomware works by freezing the users’ access to some important files and folders, and bringing critical business activities to a halt. Upon malware evasion, some documents that are very important for supporting day-to-day business activities are encrypted.

The high rate of successful ransomware attacks has resulted in the development of better ransomware. In turn, this has also aided the evolution of ransomware as a money making commodity. Today, hackers are selling malware to cyber crooks in such a way that even unskilled hackers can stage attacks through basic social engineering campaigns.

History

Ransomware was professionally released in September 2013. In 2015, it was reported that 80% of organizations experienced an IT security incident. Interestingly, the inception of ransomware attacks dates back to the mid-1980s. In 1986, two Pakistani brothers, Basit and Amjad Farood Alvi, designed a software named 'Brain', which included a ransom message instructing the recipients to call them when they read the message.

According to cyber security cell, ransomware stopped between 1989 to 2006. However, in 2006, two different ransomwares – PGPCoder and GPCoder - were used for Symmetric Encryption. Via these malwares, cyber attackers were able to encrypt more PowerPoint presentations, PDFs, and other files on systems.

Later versions of ransomware that were released in 2010 had minimal impact as they didn’t tamper with files stored on discs. However, the ransomware which was released in 2015 – and indeed that we continue to see today – targeted those documents that were valuable to the victims, including the victims’ office documents and pictures.

Every Organization is Equally Exposed to the Risk of Ransomware

The fast pace of technological advancement and a sharp growth in the number of smart hackers mean that every organisation across the whole range of industries are vulnerable to ransomware attacks. Notably, ransomware attacks are not directed towards software companies or SMBs alone; the financial and the healthcare sectors have been equally vulnerable. In recent years the financial sector has faced 300%t more cyber attacks than any other industry.

Unfortunately, many vital public institutions, such as fire stations, hospitals, and police stations, which do not have sophisticated cyber security systems in place, have also been vulnerable to ransomware attacks. When public institutions fall victim to such attacks, public security is most likely to be at stake.

How Ransomware Spreads

Besides using fake email messages as a way to transfer ransomware, cyber criminals also use a type of software package, known as exploit kits, to target victims. These packages are designed to recognize vulnerabilities and force the recipient(s) to install ransomware. The use of spam botnets is also a widely practised ransomware attack technique. Spam botnets usually create accounts and send spam messages with them. However, some techniques do require some level of technical proficiency, and today’s cyber criminals possess those skills.

Once the victim’s system becomes infected, there is no cure or way to reverse the attack. It is very important to have a back-up process in place so that you can recover files as and when required.

PineApp Mail Secure

PineApp Mail Secure blocks 99.7% of spam and viruses and protects both inbound and outbound email traffic. The Sandboxing Module enables additional threat analysis in a behavioral sandbox, which provides the deepest visibility into malware behavior, meaning that only safe files are forwarded to the relevant user. To learn more about how PineApp Mail Secure can protect your company from Ransomware click here. Additionally, you can contact This email address is being protected from spambots. You need JavaScript enabled to view it.

 

 

 

 

 

See Cybonet in Action. Visit a Demo

CYBONET is committed to protecting organizations of all sizes. Whether securing the IP reputations of some of the largest Service Provider networks in the world