The FBI has been scrambling recently to contain the latest manifestation of a devastating malware attack commonly known as “ransomware.” Schools, hospitals and businesses are often the target. But what is this latest malware, and what can your organization do about it?
Malware has always been a problem, but the latest strain, ransomware, is particularly nasty and problematic.
While ransomware attacks are not exactly new – the first known occurrence took place in 1989 (more on this later) – the frequency of the attacks has increased within the last few years. The Cyber Threat Alliance estimates ransomware has caused $325 million in damages worldwide since January 2015. The FBI has reported victims have paid more than $209 million in ransom payments from January through March of this year. Compare that to $25 million – the total cost of ransom payments for 2015 in the U.S. (per the FBI).
Ransomware attacks live up to their namesake and work like a real kidnapping scenario. In short, hackers send infected links in an email to the victim, and if the victim clicks on the link, which houses a Trojan-style virus, the hackers gain access into the victim’s hard drive. The hackers then encrypt the victim’s data, making it inaccessible without the encryption key, and hold it for ransom, charging anywhere from hundreds to thousands of dollars in Bitcoin – a difficult-to-trace, virtual currency
Sometimes the lethal links are offered in a pop-up window or a tempting link on a website. Regardless of the medium, the links often look like they are from a real business or organization.
Recently, hackers have targeted hospitals, school districts and other public institutions. In some instances, schools and hospitals have paid these attackers thousands of dollars to access their critical databases and information. Talos, part of Cisco’s Collective Security Intelligence (CSI), discovered that millions of out-of-date devices, mainly in school districts, are at risk to ransomware attacks.
Such attacks paralyze organizations as their records, crucial software and databases are shut down. Unfortunately, the Los Angeles Times reported that the FBI has not made a single arrest in the current rash of ransomware attacks.
So what should you do if you’re attacked?
To continue reading, download our free e-book: Unveiling Your Security Nightmares