Ransomware is a hot topic these days, for very good reasons. Ransomware is a type of malware that restricts access to a computer, typically using encryption, allowing attackers to demand payment to unlock it. There is a wide variety of ransomware proliferating today, and it is constantly evolving, making it difficult to stay ahead of.
Cisco’s Talos Labs researchers had a look into the future and described described a sophisticated framework for next-gen ransomware that looks like a nightmare. The picture they paint is a type of ransomware that has rapid propagation, fast payload delivery, with ability to cripple recovery efforts similar to an actual computer worm. The study has a name for this mishmash of threats: “cryptoworms,” and suggests you should focus on DMZ hardening, secure backups and employee security awareness training.
Here is the general rundown:
- Attackers get domain admin access and map your network
- Gain access to your backup systems and messaging servers
- Grab control of your application distribution platform
- Deploy ransomware to all workstations in your network
- Ask for a million dollars in ransom
Computer criminals go where the low-hanging fruit is. They social engineer an employee to enter their credentials and they are in your network. An organization’s first line of defense is its employees. You need to create a human firewall.Employees must have the ability to recognize suspicious and dangerous emails, and understand the ramifications involved when this threat hits a system.
The harder you are as a target, the less chance of a ransomware infection. You must also have proper backup and business continuity in place — this is key to getting back online fast and keep operations running smoothly. Proper backup lets you hit the rewind button without having to pay big bucks to criminals.
Contact ACE IT Solutions at 646.558.6358 to find out if your business is properly prepared to deal with a ransomware attack.
*Image credit: Datto