London: 020 0200 8142

Ransomware – If you want your data back you’ll have to pay for it

Part 4: 5 phishing tactics threatening UK businesses

Ransomware

Protect from ransomware

So far in this series of phishing awareness blogs we’ve looked at CEO Fraud, malicious attachments and malicious links. The previous two posts explored the techniques deployed by cyber criminals to infect recipients’ systems with malicious software.  Today’s blog looks at ransomware.

Increasingly, cyber criminals are commercialising malware to blackmail their victims. This type of malware is called ransomware.

Since the first cases in Russia 10 years ago, ransomware has evolved rapidly, becoming a lucrative practice for cyber criminals across the globe.

The attackers send emails with links or attachments to malware designed to encrypt documents – rendering them unreadable, or to lock the recipients out of their operating system, effectively disabling them. Victims are duly told to pay a ransom to decrypt their files or to allow them back in to their computer or phone.

The international use of Bitcoin, which is less traceable than other payment methods, has made it easier for cyber criminals to undertake such attacks. Consequently, ransomware comes in a variety of ugly forms:

  • SMS (text message) requires victims to call premium rate numbers to unlock their devices.
  • Reveton impersonates police enforcement agencies. Emails typically accuse recipients of accessing illegal images, instructing them to pay a fine.
  • Cryptolocker is a recent type of ransomware for encrypting files and locking the user’s system.
  • CryptXXX is another new malware which reportedly made $45,000 in the space of three weeks. Thankfully, it seems to have been defeated by anti-virus companies.
  • Locky, ‘GameOver Zeus’ are other variants you may have come across, though not as frequently as law enforcement has clamped down on the infrastructure the malware relies on.

 

Blog-4-Pic1

Bitcoin currency for paying ransomware

Cryptolocker in particular represents an ongoing threat to UK businesses since the first cases were reported in 2013. Organisations failing to back-up their files have no choice but to pay the ransom.

The ransomware is so tough to crack, even the FBI advises US victims to “just pay the ransom.”

How to reduce the risk of your company being blackmailed by ransomware

  • Provide regular awareness training for your staff.
  • Simulate a targeted phishing attack with PhishAware
  • Use the results to understand which departments and locations within your business are most at risk

Learn more about PhishAware

Receive the full infographic of the 5 hot trends in phishing tactics here:

Send me the Infographic
 

Category: Blog, Phishing

We are Perspective Risk

  • Information security is crucial to every aspect of your business – operational efficiency, profitability, business continuity, customer confidence, brand loyalty, protection against fraud and meeting regulatory requirements.

    Our penetration testing, pen testing, pen tests and cyber security testing has proven time and time again to be an effective security assessment of business IT infrastructure.

    Perspective Risk provides in-depth security assessments, risk management and compliance solutions to help you keep your confidential information safe and your critical systems secure. We’re innovative, flexible and supportive, helping you through any information security issues to deliver real business benefits and excellent value.

  • Call Me

    Pop your details in below and we’ll be in touch soon!

    • This field is for validation purposes and should be left unchanged.

    ×
    Get Quote
    • This field is for validation purposes and should be left unchanged.
    ×