Cybercriminals use phishing emails with malicious links or attachments to distribute ransomware more than any other method. Their goal is to fool unwitting victims into downloading the nasty, file-encrypting malware so they’ll be forced to pay a ransom in exchange for the decryption key. CSO Magazine last year found that 93% of all phishing emails contain ransomware. To protect yourself and your business, it’s important to know what emails and tricks to avoid. Here’s a look at phishing emails that have commonly used to spread CryptoLocker, CryptoWall, Locky and other notorious…

Continue reading

The WannaCry ransomware attack earlier this year infected more than 230,000 computers in 150 countries within one day of its release. It received a huge amount of media coverage and created widespread concern for ransomware protection. Estimates of the total damages from WannaCry range from several hundred million to $4 billion. About a month later, NotPetya ransomware caused an estimated $300 million in damages. Those estimates are certainly high. But it could have been much worse, if it weren’t for some flaws in the WannaCry and NotPetya code. And you can bet that in…

Continue reading

Ransomware, the malicious code that holds data hostage, is now a more common threat to businesses than data breaches. It continues to be a thorn in the side of companies large and small, and has enriched many cybercriminals throughout the course of its history. Ransomware targets computers, mobile devices and even machines connected to the Internet of Things. The ransomware we know today is predominantly crypto-ransomware, which encryption technology to hold victims’ data hostage until a ransom is paid. Other types include locker ransomware, which prevents users from accessing their devices; ransomware…

Continue reading

The costs associated with a ransomware attack are often viewed from two dimensions: On one side, there is the ransom demand, and on the other, the cost to recover or recreate data. Neither of these is a complete view because they do not take into account all the ancillary costs. Here’s a quick look at several factors that also add to the cost of dealing with ransomware: Downtime Ransomware frequently results in at least some IT systems downtime, meaning that technology resources necessary for business operations are unavailable. The costs…

Continue reading

Some ransomware are strategically designed to cause as much damage as possible while producing large profits for cybercriminals. And the ransom demands for these Advanced Ransomware Threats (ARTs) far exceed those for a typical ransomware attack. ARTs hold your most valuable assets for ransom and ensure that copies of the data are not available for restoration. There are typically six phases of an ART attack, including: Reconnaissance This process begins with reconnaissance. The attacker reviews information on the company and may even make a list of employees mentioned on the company web…

Continue reading

Linux is an open-source operating system that is very versatile due to the large group of volunteers that maintain and update the popular open-source operating system. There is a broad range of Linux distributions aimed at different purposes and preferences. Some are built for specific tasks such as privacy protection or perimeter defense and a host of options are available for both desktop and server operating systems. Linux has been around for decades, yet it only claims 2.36% of the desktop operating system market share. Linux is much more popular on the…

Continue reading

Most people will never have a fire in their home or office, but everyone can remember going through a fire drill at some point. The process of evacuating a building and meeting outside prepares us for the actual conditions we might face in a real fire. Many companies go to great lengths to prepare for disasters like fires and floods, but most remain woefully unprepared to deal with ransomware—despite the fact that ransomware attacks are far more likely. One way to improve your company’s ransomware incident response capability is to gather your employees…

Continue reading

The process of making sure your business is prepared to protect its data from ransomware and other disasters depends largely on the characteristics of your specific computing environment, such as the type of data you have and how it is stored. To begin the process of implementing or optimizing a data protection plan, you need to gain a full understanding of how data is used within your organization and what needs to be protected the most. Start by asking yourself these four questions: 1. What data do I have? The first thing…

Continue reading

A new ransomware do-it-yourself kit called Karmen is making it easy for wannabe cybercriminals to launch ransomware attacks. Security researchers believe the recently discovered ransomware as a service (RaaS) offering was developed in part by a Russian-speaking ransomware author who goes by the alias DevBitox. For a price, Karmen can turn almost anyone into a cybercriminal in just a few clicks.   RaaS offerings like Karmen began popping up on the dark web in 2015 and ransomware developers have continued to make the kits more user-friendly over time. Karmen is…

Continue reading

Apple Inc. has a reputation for building secure devices, but don’t become too complacent because ransomware threats to Mac users are on the rise. While ransomware attacks against Microsoft Windows-based computers and servers remain far more prevalent, security researchers have detected new Mac threats in recent years and expect to see new threats in the future. Here’s a quick look at three forms of ransomware that are known to target Mac users: KeRanger disguises itself as a popular application Imagine this: You go to download a copy of Transmission, the…

Continue reading