2015 was a big year for ransomware exploits and it looks like they aren’t slowing down in 2016. Kaspersky reported that Cyrptolocker attacks doubled in 2015, and that a majority of workplace PCs were attacked. The perpetrators of CryptoLocker attacks send Trojans, usually via email, that when set free, infect a user’s PC and encrypt any files it can access. The attacker then demands money, often in the form of bitcoins, to decrypt the locked files. Attackers threaten all sorts of havoc if their demands aren’t meant. As the article in NetworkWorld points out, even if their demands are met, you can’t count on your attackers honoring their part of the bargain.
I recently wrote a blog that covered a new ransomware attack on Hollywood Presbyterian Medical Center. The attackers are asking for 9,000 bitcoins in order to return thousands of patient records intact, which translates into approximately $3.6 million. That’s a steep price tag for any organization, and although typically law enforcement agencies advise victims not to pay, some police departments have started succumbing to the ransom demands. The more dangerous and alarming part is that, according to the FBI, who are working on this case, some attackers aren’t skilled enough to handle the malware they’ve delivered and if that’s the case, the hospital’s data will be lost forever. As the article points out, some criminal coders can mount an attack, but they don’t know how to handle encryption and decryption. Researchers have reported a ransomware strain that unintentionally locked files that can now never be decrypted.
The hospital has not decided whether they will pay the ransom yet, but they are forced to handle all their records manually for the time being. According to cybersecurity experts, ransomware has proven to be a lucrative business with Kaspersky reporting that a hacker group they researched is getting $2.5 million to $10 million for each successful attack.
In the meantime, organizations in every sector, particularly highly regulated industries like healthcare and finance need to increase their security postures as much as possible. Here are some quick tips that could keep you from becoming a victim:
- Make sure your employees are security aware and not prone to opening unfamiliar emails and attachments. If an email looks suspicious or an offer seems too good to be true, use caution. Also, since cyber criminals are now adept at researching employees via social media, they should approach any unknown senders with caution.
- Get the technology you need. There are a variety of ways evasive malware can be introduced, including piggybacking on traffic on high hidden ports. If you’re security can’t monitor those ports, you’re asking for trouble.
- Be sure you update your software and applications as well as your operating system. Criminal hackers often leverage known vulnerabilities in an application or OS that hasn’t been updated.
4 responses to “When Ransomware Strikes Should You Pay or Not?”