Story image

Ransomware attacks are getting easier, but protection is getting harder

22 Sep 16

Ransomware is continuing to be an ever-popular and effective method for cyber attacks, and Trend Micro says it's only being made easier with do-it-yourself ransomware kits that are being sold in the deep web.

Stampado is just one of those tools, selling for US$39 that allowed even the most non-technical of would-be attackers to mount a ransomware operation. Ransomware as a Service, or RaaS, relies on internet browsing, spam and outdated software to launch attacks, and from there it's a messy story.

The company says that CryptoWall gained US$325 million from victims, and other ransomware operates in much the same way. Files are encrypted, and hackers make their demands.

Ransomware families have experience a 172% increase in families in the first half of 2016 - higher than what was found in the entire year of 2015.

The company says that for organisations, the effects can vary depending on what data they want to protect. While an attacker doesn't know the importance of a file, blanket attacks on folders, servers and drives allow the hackers to at least gain a few victims.

Organisations affected by those blanket attacks can experience everything from lost sales, unfulfilled orders, productivity losses and critical files. The result can be damaging for not only the company, but its brand and consumer perception.

There is no end or cure in sight for the ransomware threat, as the company states from research that it will only get more complex, evasive and intrusive with time.

While Trend Micro says that there is no cure for ransomware, organisations can use multilayered protection, data backup and recovery, patching and employee education to fight attacks. These collaborative tools will protect networks from ransomware attacks.

Cisco expands security capabilities of SD­-WAN portfolio
Until now, SD-­WAN solutions have forced IT to choose between application experience or security.
AlgoSec delivers native security management for Azure Firewall
AlgoSec’s new solution will allow a central management capability for Azure Firewall, Microsoft's new cloud-native firewall-as-a-service.
How to configure your firewall for maximum effectiveness
ManageEngine offers some firewall best practices that can help security admins handle the conundrum of speed vs security.
Exclusive: Why botnets will swarm IoT devices
“What if these nodes were able to make autonomous decisions with minimal supervision, use their collective intelligence to solve problems?”
Why you should leverage a next-gen firewall platform
Through full lifecycle-based threat detection and prevention, organisations are able to manage the entire threat lifecycle without adding additional solutions.
The quid pro quo in the IoT age
Consumer consciousness around data privacy, security and stewardship has increased tenfold in recent years, forcing businesses to make customer privacy a business imperative.
ForeScout acquires OT security company SecurityMatters for US$113mil
Recent cyberattacks, such as WannaCry, NotPetya and Triton, demonstrated how vulnerable OT networks can result in significant business disruption and financial loss.
Exclusive: Fileless malware driving uptake of behavioural analytics
Fileless malware often finds its way into organisations via web browsers (or in combination with other vectors such as infected USB drives).