The latest ransomware trends call for urgent defence measures

Ransomware attacks are becoming so effective that the FBI is predicting ransom payments will top $1 billion by the end of this year.

The number of attacks in Canada has increased tenfold over last year. In a recent high-profile case, the University of Calgary paid $20,000 to regain access to data that was encrypted by covertly installed computer malware.

It’s more important than ever for all organizations to take preventative action, Krystal Wang, senior product marketing manager with Proofpoint told participants in a recent ITWC webinar, Protect Yourself from Ransomware. “It’s becoming so prolific for attackers because it works,” she said.

The latest trends in ransomware

Ninety-nine per cent of the attacks start from links or attachments in email messages, according to the Wall Street Journal and the attackers are “relying on human curiosity to click,” said Wang.

At the same time, these emails are becoming increasingly hard to spot, she said. “The days of looking for spelling mistakes and Nigerian princes are gone. What we have now is really sophisticated and really convincing lures.” Wang noted that attackers are using graphic designers to make the emails look exactly like marketing campaigns from existing companies.

The attackers are also very skilled at developing new products, leading to a 600 per cent growth in ransomware ‘families’ or types, said Wang. She pointed to the meteoric rise of “Locky” ransomware, used in a campaign last month that involved 50 million malicious emails. In this case, the attackers research a target’s social networks to make sure the email relates to your business. For example, it may appear to be from the company they use for package delivery. When they click on the attachment, it will ask they want  to enable macros. Once that happens, the files are encrypted and the ransom demand is made.

“This is a big business,” said Wang.“The attackers will even have web pages for help and FAQ to make it easy to pay the ransom.”

Prevention and survival

Wang stressed that this isn’t just a technology issue. It’s a problem that spans people and processes. “At the end of the day, the attackers are targeting us, and we make mistakes.”

The biggest goal of the attackers is to get to a person, especially one that doesn’t know what they’re doing, and exploit their vulnerabilities.  That’s why user training is one of the best defence mechanisms. Employees need to know how to recognize suspicious messages and to be more careful when clicking “OK” online.

The number one way to minimize the impact of ransomware attacks is to back up your data, said Wang. “This should be done often and offline to prevent the malware from spreading through shared drives.”

It’s also important to install all updates, review emergency procedures and to invest in solutions that monitor the attack chain in email, social and mobile.

If an attack happens, Wang said that the first thing to do is to disconnect from the network and do not restart. Some types of ransomware have a second stage that kicks in after a reboot, she explained. She also reminded participants to inform the authorities of the attack.

Paying the ransom provides no guarantee the encrypted files will be released. In fact, only 30 per cent of organizations get their data back after they pay. “It’s a gamble,” she said.  “If it’s critical information that is needed right away, some organizations will choose to pay.”

Jim Love, ITWC CIO and host of the webinar, also stressed the urgency of taking steps to protect your data. “If you think it won’t affect you, you might want to think again.  When it happens, you need to have an answer on what was done to prevent it.”

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Cindy Baker
Cindy Baker
Cindy Baker has over 20 years of experience in IT-related fields in the public and private sectors, as a lawyer and strategic advisor. She is a former broadcast journalist, currently working as a consultant, freelance writer and editor.

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now