April 7th, 2016 by admin
We're only a few months into 2016, but we've already seen two high-profile ransomware attacks—where cyber-crooks heavily encrypt a victim's computer files before demanding payment for a decryption key only they can provide. Two notable incidents grabbed headlines:
- In January, Israel's Electricity Authority was hit by what officials termed "a severe cyber attack." What early media reports described as a possible terrorist plot to knock out Israel's national power grid turned out to be a multiple ransomware infection that crippled the agency's IT network—most likely triggered by an employee falling for a phishing scam (as little as clicking a link in a bogus email). The Israeli government didn't reveal whether they'd paid off the crooks in order to restore the network.
- Closer to home, one month later Hollywood Presbyterian Medical Center in Southern California gave in to hackers' demands for 40 Bitcoins—a little under $17,000—to restore access to their ransomware-encrypted network. With patient care potentially in the balance, the hospital decided the quickest solution would be to simply pay the ransom.
Pay or Don't Pay: Where Do You Stand?
A recent study from anti-virus maker Bitdefender indicates that over half of all U.S. ransomware victims have actually paid off their attackers, while 40% of respondents said they most likely would pay to restore access to their data files if necessary.
This leads us back to the central ransomware conundrum: To pay or not to pay.
As we recently discussed, the FBI considers their hands tied against ransomware attacks (almost all are suspected to be launched from Eastern Europe) and shockingly recommends victims simply cough up the Bitcoins. But there are still very logical reasons why paying off cyber-extortionists is never a wise idea:
- You're an instant patsy. A quick ransom payment indicates you'll give in without a fight—an ideal victim. Expect your attackers to remember that when they run low on cash—or share that knowledge with other cyber-gangs looking for their next "easy mark."
- The demands will grow bigger. Think of ransomware attacks in terms of simple economics—the "seller" charges what the market will bear. Today's most lethal strain of ransomware, CryptoWall 4.0, currently charges victims a standard flat rate of 1.83 Bitcoin ($700). If most readily paid $700 for their precious data today, why wouldn't they pay $900 tomorrow—or even more?
Protect Your Company Now
- Back up your entire network regularly. Most ransomware will seek out external backup drives (connected to a computer via a USB port) and infect those files as well—unplug the drive after every manual backup.
- Make sure all software is fully updated and patched. Ransomware and other viruses seek out vulnerabilities in all common office apps.
The middle of a robbery is too late to create your anti-robbery plan! Contact us to help design and implement your company's strategy against ransomware and other emerging cyber-threats.
Posted in: Cyber and Data Security