Decoding the ran$omware epidemic

The FBI recently issued an advisory on the rise of ransomware[1], warning governments, law enforcement agencies, hospitals and businesses alike to beware of this increasingly sophisticated form of cyberattack, in which cybercriminals encrypt an organization’s or an individual’s files and demand a ransom payment in exchange for a decryption key.

Ransomware is by no means a new phenomenon. However, it has evolved over time to adapt to and circumvent new defenses. In just five months this year, we have seen at least seven new variants of ransomware, including PowerWare, which utilizes PowerShell, the scripting language built into Microsoft operating systems. Another rampant trend is Ransomware-as-a-Service (RaaS) – a business model where cybercriminals pay a fee for the distribution of malware or promise a percentage of the ransom paid by an infected user.

Kane Lightowler, Managing Director, APJ for Carbon Black, believes that prevention is better than cure. While decryption tools are available for infected systems, cybercriminals have time and again proved able to advance their means of attack, overriding existing remedies. In this media update, Kane shares his insights on this cyber epidemic, what led to its rise and how organisations can arm themselves against this increasingly sophisticated threat.





Carbon Black Media Update

Decoding the ran$omware epidemic 
Kane Lightowler, Managing Director, Asia Pacific & Japan, Carbon Black

The FBI recently issued an advisory on the rise of ransomware[2], warning governments, law enforcement agencies, hospitals and businesses alike to beware of this increasingly sophisticated form of cyberattack, in which cybercriminals encrypt an organization’s or an individual’s files and demand a ransom payment in exchange for a decryption key.

Just this year, we saw two high-profile ransomware attacks on Hollywood Presbyterian Hospital in Los Angeles and MedStar Health in Washington, D.C., severely crippling their operations and endangering the lives of patients as communications within the hospital were completely shut down. Hollywood Presbyterian reportedly paid a sum of US$17,000 in bitcoins to regain access to their system[3].

The United States healthcare sector is not the only one in jeopardy. According to the Asia-Pacific Defence Outlook 2016[4], South Korea, Australia, New Zealand, Japan and Singapore, dubbed the “Cyber Five”, are nine times more vulnerable to cyberattacks than the rest of their Asian counterparts. This is attributed to the high dependence of these nations on internet-based interactions. As governments in the region look to further harness the Internet of Things (IoT) as a key economic driver, the number of endpoints will increase exponentially, presenting cybercriminals with more attack vectors to exploit.

Despite the rise of ransomware, an alarming majority of businesses still rely on traditional antivirus as their only safeguard against today’s increasingly advanced threats. This gives cybercriminals an easy point of entry to exploit and turn into a lucrative business model that is growing stronger than ever.

Ransomware as a Business

Ransomware is by no means a new phenomenon. However, it has evolved over time to adapt to and circumvent new defenses. In just five months this year, we have seen at least seven new variants of ransomware, including PowerWare, which utilizes PowerShell, the scripting language built into Microsoft operating systems. The use of PowerShell avoids writing files to the disk and allows the malware to blend in with legitimate activity on the computer, thus averting detection by antivirus software.

Another rampant trend is Ransomware-as-a-Service (RaaS) – a business model where cybercriminals pay a fee for the distribution of malware or promise a percentage of the ransom paid by an infected user.

While this may be a hard pill to swallow, ransomware has become a very profitable business model, and as more user-friendly variants are developed, even those with little cyber know-how can easily deploy various forms of ransomware to exploit companies and individuals.

The Ransomware Remedy

The adage that prevention is better than cure applies equally to an organization’s health. While decryption tools are available for infected systems, cybercriminals have time and again proved able to advance their means of attack, overriding existing remedies.

Next Generation Endpoint Security (NGES) is a modern approach to cyber security that has been specially developed to tackle the increasingly sophisticated threat landscape. It adopts a proactive stance by continuously scanning, monitoring and collecting data from an organization’s endpoints. By recording an adversary’s every move, security teams can immediately isolate and stop the spread of an attack.

Antivirus and other more traditional security tactics are simply not enough, and until businesses ramp up their defenses to meet the level of sophistication now found in cyberattacks, they will always be at risk of being the next victim of the ransomware epidemic.

[1] The Federal Bureau of Investigation, Incidents of Ransomware on the Rise, 2016
[2] The Federal Bureau of Investigation, Incidents of Ransomware on the Rise, 2016

[4] Deloitte, Asia-Pacific Defense Outlook 2016, 2016

