cyber securityRansomware is a hot topic these days. We’re seeing it in the headlines far more than we’d like. The trick about digital attacks like this, and most malware attacks in general, is the ever-changing nature of them. The ransomware attacks we saw a year ago aren’t the same as they are today. Here’s an update on some of the latest variations.

From CSO.com:

Attackers have adopted new strategies for infiltrating networks, improved their ability to do damage, and, just as important, have embraced sophisticated growth-enabling business models.

For example, users have been getting training on not clicking on malicious attachments or visiting malicious sites, and anti-malware vendors have been getting better at spotting those sites and attachments. But worms spread themselves without the user needing to do anything at all. “The worm will look and scan its surroundings on the network that have the vulnerability that it is looking to exploit, and copies itself onto the exploited machines,” says Robert Simmons, director of research innovation at ThreatConnect, Inc., a security vendor based in Arlington, Va.

A company that has a vulnerable machine connected to the internet is an easy target, for example. If a company has locked-down all its public-facing computers, an employee might use a mobile device or laptop to connect to an insecure network that has another infected machine on it, Simmons says.

Then, once the employee is back on the company network, the ransomware can spread from there. Once inside, the attackers don’t only launch encryption right away, he adds.

“With Petya, they found that in addition to its ransomware capabilities, it had a tool to provide an additional capability of attacking Windows domain controllers, the locations where the credentials and passwords to your network were kept,” he says. “So they’re branching into other capabilities that would let them pivot around the network.”

The attackers can steal data, for example, or do other damage. Then the ransomware will go off, and help the attackers cover their tracks. “The ransomware would be used as a smokescreen,” he says. “It would make it more difficult for a responder to find evidence of the original attack.”

With the rate of change associated with these attacks, unfortunately there is no simple solution. However, following some simple best practices for data security, like keeping your software and antivirus up-to-date and backing up your data regularly, you can lessen the likelihood of catastrophic data loss. The IT experts at Great Lakes Computer can help. We can not only provide you with best-in-class protective software and backup, we can also remotely monitor your network for suspicious activity. Data security is a full-time job and we’re here to take on that role.

Learn About Our  Backup & Recovery Platform

cyber ready

Why Cyber-Ready Now is Not Enough

We frequently discuss and stress the importance of protecting your digital assets today. Across the country, this is becoming more important to busine ...
business in trouble

How to Protect Your Business Before It’s Too Late

IT security consists of multiple facets and is crucial in today’s deeply digitized world. As a business owner, your IT components—the sensitiv ...
business continuity disaster recovery

Disaster Protection: Why Your Business Needs BCDR Now

Disasters sometimes strike. They can take on many forms (fire, hurricane, earthquake, theft, etc.) and either be localized or fully global. The COVID- ...