New do-it-yourself cyber-extortion kits make it easy.
Since its invention in the mid-2000s, ransomware has become the world’s premier cyber-security threat. Typically gaining entry to a system via bogus emails or notifications, this malware enables criminals to capture a system’s data and demand payment for its release.
Now Ransomware has a new distribution model: Ransomware as a Service.
Extortion software is for sale as an end-to-end service, just like a conventional business product. Even the rankest IT amateur can go to the Dark Web and obtain kits for building effective ransomware. With little skill, effort or expense, one crook can target thousands of individuals and businesses.
These turnkey RaaS kits are available for little or no up-front fee, with payments made as percentages of the extorted proceeds. Some RaaS developers have built significant name recognition for their products while others offer blandly generic software that can be easily customized and branded.
The proliferation of ransomware has been explosive.
A prime example is the infamous CryptoLocker, which first appeared in 2013. Relying on encryption as a central element, CryptoLocker soon became the most feared breed of ransomware. Variations immediately sprang up, under such names as Xorist, CryptoBit, CryptoDefense, Cryptowall and more.
Crypto crooks soon became the target of operations by the FBI and international law enforcement agencies. These efforts have met with considerable success, but the fight goes on. Ransomware keeps popping up in new and increasingly diabolical forms like a larcenous game of Whac-A-Mole.
This kind of proliferation paved the way for the booming outlaw industry that produced RaaS.
The most notorious current RaaS threat is aptly named Satan. Complex and sophisticated, Satan is packed with code designed to stymie malware detection and removal software. As new protective tools are developed, Satan’s masterminds respond with new blockers. Their product even comes with detailed instructions in the arts of online theft.
Satan has a legion of imitators, many of which have their own business models. Differentiation enables hackers to create ransomware targeted at specific industries and companies. Some versions require an up-front fee, with the percentage of ransom required ranging from 5% to 30% and higher. At least one product is actually a ransomware-blocking package that was pirated and altered for unlawful use.
Certain ransomware vendors also sell other kinds of malware that can be combined with ransomware to perform even more kinds of mischief.
Ransomware never stops evolving, and new strains continue to appear. Law enforcement agencies worldwide are fighting the ransomware epidemic every day, but as with any organized criminal enterprise, the war goes on.
Solid system security will always be the first line of defense against ransomware. Like Dracula, malware that penetrates systems via emails and other kinds of messaging can’t enter without being invited in, so everyone who uses a system should know not to open unsolicited or unknown messages or email attachments.
Pop-up warnings can be enticing, along the lines of, “IMPORTANT! Microsoft has detected a serious problem with your browser! Click here within 30 seconds or your computer will explode!”
Once wise and cautious user practices are in place, you need to establish solid data backup and recovery programs.
Begin with familiarizing yourself with the essentials of dealing with ransomware, so you’ll know what to do in case of an attack and you can establish a robust defense.
The key data protection tool is cloud backup, which allows you to always maintain malware-proof copies of all your data. Be aware that although cloud backup has found virtually universal acceptance, there is a lot of misinformation on the subject.
A reliable disaster recovery program begins with a plan. While developing a plan, it is important to keep in mind that while there are many solutions available, vendors are not all alike, and every company should be careful in choosing the right disaster recovery tools.
These are a few highlights from our extensive data protection blog. Take a few moments to identify topics that may be useful as you consider your current strategies and tools.
RenovoData is a leading regulatory-compliant, cloud data protection IT services company. Our solutions range from File and Database Backup, Server Recovery, Disaster Recovery as a Service (DRaaS), Custom Cloud Hosting and Consulting solutions for on-premises and hosted environments.