The virtual criminal underworld has adopted a new way to make a quick dishonest buck through “ransomware,” a practice by which cyber criminals use spam to access and hold your files ransom.
According to the United States Computer Emergency Readiness Team (US-CERT), ransomware cases began popping up in 2013. In less than one week after the phenomenon’s emergence, more than 12,000 users fell victim to ransomware schemes, largely through infected emails.
The most common ransomware on the scene is CryptoLocker. By using the same techniques used to encrypt files for good, cyber criminals have found a way to put data behind bars… and then dangle the key in front of you.
Here’s how it works:
A user is exposed to spam through an email or link, which opens the door for the games to begin. That spam often includes a malware attachment that infects the user’s PC. The malware attaches itself and encrypts all of the user’s documents. At that point, the user is locked out of their own data. In the midst of this, they’re provided a link to unlock their files – for a price, typically between $100 and $300.
Will the hackers start to adjust the price based on the number of files? Almost certainly. The number of CryptoLocker-like attacks is going to skyrocket, which means the need to guard against these attacks is more important than ever.
Here’s what you can do to protect yourself:
- Use a good spam filter. Spam is still the #1 entry point for malware.
- Use a good firewall with application defense and antivirus features. Packet filters don’t cut it.
- Use a good AV/anti-malware product. They are not perfect, but they will stop a lot of the junk before it has a chance to do damage.
- Use software restriction policies on Windows and blacklist known malware executables.
- Keep your systems patched. Java, Acrobat and other problem programs can be used to automatically launch malware.
- Use a good backup system. If you don’t pay the ransom, you better have some good backups to recover from.
- Restrict user rights. CryptoLocker can only encrypt files the user has access to.
- Use your brain. Most malware doesn’t work without one crucial ingredient: a sucker to open the email or attachment. User awareness is key.
- Respond quickly. “Ransomware” needs time to encrypt files. Shut down infected machines immediately and use live CD-based tools to clean up the mess.
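
The "Restrict user rights" point can be measured. The Python script below is an added example, not part of the original article: it counts the files under a directory that the current account can open for writing, which is the data that malware running as that user could encrypt. The function names and the grouping by top-level folder are choices made for this example.

```python
import os
import sys
from collections import Counter

def can_write(path):
    """True if the current account can open the file for writing."""
    try:
        # No O_CREAT or O_TRUNC, so the file content is never modified.
        fd = os.open(path, os.O_WRONLY)
    except OSError:
        return False
    os.close(fd)
    return True

def audit_exposure(root):
    """Walk `root` and report how much data this account could overwrite."""
    report = {"total_files": 0, "writable_files": 0, "writable_bytes": 0,
              "by_top_dir": Counter()}
    root = os.path.abspath(root)
    for dirpath, _dirs, files in os.walk(root, followlinks=False):
        rel = os.path.relpath(dirpath, root)
        top = "." if rel == "." else rel.split(os.sep)[0]
        for name in files:
            path = os.path.join(dirpath, name)
            # Skip symlinks and special files (sockets, pipes, devices).
            if os.path.islink(path) or not os.path.isfile(path):
                continue
            report["total_files"] += 1
            if can_write(path):
                report["writable_files"] += 1
                report["writable_bytes"] += os.path.getsize(path)
                report["by_top_dir"][top] += 1
    return report

if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "."
    r = audit_exposure(target)
    print(f"{r['writable_files']} of {r['total_files']} files "
          f"({r['writable_bytes']} bytes) are writable by this account")
    # Folders with the most writable files are where tighter rights help most.
    for top, count in r["by_top_dir"].most_common(10):
        print(f"  {count:>8}  {top}")
```

Run it as an ordinary user against a file share or home directory; folders where nearly everything is writable are candidates for read-only access and a place to confirm backups exist.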