August 18, 2016
Ransomware-as-a-Service is taking the commercial software strategy of the business world and applying it to cybercrime. Organizations need to be better prepared and to get their frontline and back-up security sorted quickly – because, at the moment, the growth of Ransomware-as-a-Service fuelled attacks show no signs of slowing down.
The biggest Ransomware-as-a-Service “offer” at the moment is called Cerber. Effectively, Cerber allows novice hackers, without the technical expertise, to take part in high-level cyber-criminal activity. Cerber give hackers the tools to create their own attacks, and these ‘affiliates’ then help spread the Cerber Ransomware. The profits are then split between the parties. Most Ransomware attacks in this case are for 1 bitcoin, which converts to about $590.
The researchers over at Check Point have done a fantastic job in exposing the inner workings of the Cerber Ransomware-as-a-Service scam. For those with a mind for it, you can read the detailed descriptions of the technical aspects of the scam in Check Point’s full report here.
For those of us less technically literate, the main take away is that the Ransomware-as-a-Service trend is growing and is a major worry. It’s estimated that annually, hackers can garner close to $1 million in ransom fees using the technique. Check Point’s research found that Cerber was currently behind some 161 active campaigns, launching as many as eight a day. It’s estimated that around 150,000 users have been infected worldwide.
And unfortunately, rewards on this scale of course spawn imitators. A new piece of Ransomware known as The Shark, has taken off in the last couple of months, clearly inspired by Cerber’s approach. The culprits behind The Shark have not been exposed yet, but in better news, Check Point has not only exposed the inner workings of the Cerber scam, but has also released its own decryption service for those infected.
Cyber Security is a constant battle, with new fronts and tactics developing all the time. It’s more imperative than ever before that organizations stay on top of their cyber security and, in particular, are fully prepared for Ransomware attacks.
Extensive staff training in safe internet use should now be a mandatory first step for all organizations – not getting infected in the first place is the best way to avoid the perils of Ransomware.
On top of that, organizations also need effective strategies to combat any attack that does occur. Here at Global Data Sentinel, our back-up and recovery solutions go a long way to helping companies minimize and negate Ransomware attacks, by letting them roll back time to the days before an attack occurred.
Find out more about our approaches to preventing, and to recovering from, Ransomware attacks here.
Our service is available as a product to install on your network, as a service hosted in the cloud or both (hybrid).
May 20, 2015