Category

SophosLabs: Targeted ransomware attacks likely to rise in 2019

November 26, 2018

According to a new report from SophosLabs, targeted ransomware attacks will become more common in the upcoming year. A targeted ransomware attack is one in which cybercriminals stake out a specific victim and tailor their approach to delivering the malware to that person.

This is altogether different from what we’ve seen in the past few years; as cyber criminals typically used automated tools to conduct attacks. While this required little effort on the part of the criminal, attacks were also relatively easy to detect, whether by antivirus software or just common sense. Cybercriminals conducted attacks on a very wide scale, but the success rate was low. With targeted attacks, attackers can respond reactively to defense measures and employ different strategies until they are successful.

The growing popularity of targeted attacks can be traced to the success of a single criminal gang using manual techniques to deliver a form of ransomware known as SamSam. The group conducted targeted brute-force attacks to discover machines with weak passwords and take control of them from outside an organization’s security perimeter. After gaining access to the network via those machines, the attackers sniffed out Domain Administrator credentials, and used them to push the malware to all the organizations’ systems simultaneously. This approach proved to be highly successful and has since spawned many copycat attacks.

It’s also a perfect example of the growing sophistication of the criminals behind ransomware attacks. And, while these attacks were focused on businesses, it is highly likely criminals will use similar tactics to target individuals. So, you need an effective strategy to protect against these types of attacks.

Developing a ransomware protection strategy starts with strong passwords. Use long complex passwords with a mix of capital and lowercase letters as well as symbols. And of course, do not share your passwords with anyone.  

Be certain to keep your operating system(s) and applications patched and up-to-date. Same goes for your anti-virus software. Ransomware is constantly being modified and updated to evade security measures and exploit OS and application vulnerabilities. So, keeping everything up should be considered essential.

Finally, make sure you have an offsite backup of your data. This allows you to restore everything without the need to pay a ransom. If you do suffer a ransomware attack, backup is your last line of defense against data loss.

Visit the Carbonite Safe section of our website to learn more about our personal cloud backup products.

Tags:

  • Security
  • Tech tips