BASIC OVERVIEW OF RANSOMWARE AND WHAT TO DO IF YOU FALL VICTIM
THE CHANGING MODEL OF RANSOMWARE PROLIFERATION
A new report by Check Point software’s researchers showed that Cerber’s Ransomware-as-a-Service (RaaS) affiliate program, which allows “affiliates” to produce a “marketing” campaign, manage updates to the ransomware code, and process payments all within one platform has become quite popular. At the time this blog post was published, Cerber had more than 160 participants, and its combined direct sales plus affiliates revenue was almost $200,000 USD, despite a victim payment rate of just 0.3%. That puts it on track to make 2.3 million dollars this year, said Maya Horowitz, group manager of threat intelligence at Check Point.
The RaaS model is so popular and profitable that competition has already started. Symantec reported on a new RaaS dubbed Shark that is currently available with no upfront charge, but keeps 20% of what payments are made by victims and directs those funds to the Shark developers.
CONVERSION RATE – MARKETING 2.3% VS RANSOMEWARE 0.3%
RUSSIAN RANSOMWARE – FOR EXPORT ONLY
LOCKY – HEATHCARE RANSOMEWARE ON THE RISE
THE CHANGING LANDSCAPE OF HACKING AND CYBER ATTACKS
Fortune Magazine published an article about how the stock price of a leading security firm reflects the changing landscape in “What FireEye’s Stock Crash Says About Hacking.” FireEye, whose business model is based on responding to large-scale breaches and selling security software to detect and protect against such threats, recently has missed revenue targets. Prior revenue shortfalls have been blamed on decreases in Chinese cyber-attacks following the country’s truce with the Obama administration. While Symantec has not had a similar revenue drop off due to the change a recent report stated, “In the past three years, the number of email phishing campaigns has nearly doubled, but the number of people targeted in each has fallen by more than half, to an average of 11…”
What does this mean for businesses? This change may signal that the Advanced Persistent Threat (APT) risk maybe overblown, but the mass-distributed malware, particularly ransomware should still be a concern for most organizations.
THE PHONE AS A RISK VECTOR – HELPFUL PEOPLE ARE EXPOSING YOUR COMPANY
Black Hat and the related DefCon is an annual security and hacking conference. It has several competitions, one of which this year was about how to get information about a target company using only a phone. USA TODAY has the write up for how the competition was run (soundproof booth on a stage and a phone that can spoof the caller ID), what competitors did to gain information, and the “why” they were so successful.
If you are wondering why this is included, the term Spear Phishing represents a targeted email (spear) containing (malware) or other security risks. If someone knows enough about a business or company, then crafting a believable and successful message becomes much easier.
I will close with the following advice, users must always be cautious and should adopt the stance of David Foster Wallace in his book the Infinite Jest, “Yes, I’m paranoid — but am I paranoid enough?”
Want help keeping your company safe? Learn more about the managed IT services we offer.