a ransom note

Your Staff is the Target – The Devastating Threat of Ransomeware

The Millennium Group has experienced ransomware first-hand with our clients and each week we see a serious rise of ransomware in Nothern Colorado.  Each event represents grave losses for the businesses infected. What is happening locally is occurring all over the world. We are fiercely addressing this dangerous threat with new technology and urge all businesses to become educated and take proactive steps to mitigate potential damage.  

It’s crucial to invest in the right kind of security solutions so that ransomware like Chimera and Ransom32 don’t penetrate systems and cause irreparable damage to machines and reputation alike. In order to protect computers and data from attacks like these, businesses and personal device users should first educate themselves about the malicious programs that are out there – and then invest in threat protection solutions that can make a difference in the level of protection these personal and business machines have.

Downtime is more detrimental than ransom costs

Ransomware is targeting individuals, small business and now, bigger businesses.  Ransomware should no longer be seen solely as a threat to individuals and small businesses. Nearly 60% of businesses hit by ransomware had more than 100 employees, and 25% were enterprises with more than 1,000 employees.

Ransomware is a growth industry.  It will not be going away- there is too much money to be made by the cybercriminals.

Please call us at 970-663-1200 to learn how we may assist you.

A few weeks ago several hospitals in Germany came under attack by ransomware, a type of virus that locks files and demands cash to free data it maliciously encrypted. It will take weeks until all systems are up and running again, despite the fact that the hospitals employed redundant data backup. It was an attachment in an email that allowed the virus to enter the system, and it was a staff member who opened the attachment.

Last month in California, a Hollywood hospital paid about $17,000 in the digital currency bitcoins to hackers to release their data.  “The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key,” Hollywood Presbyterian Medical Center’s President Allen Stefanek said in a statement.

According to Security Magazine, the number of ransomware attacks is predicted to increase in 2016.  More than 4 million samples of ransomware were identified in the second quarter of 2015, indicating an upward trend, as in the third quarter of 2013, fewer than 1.5 million samples were analyzed.  The Atlantic recently reported on a string of attacks that impacted small police departments in Massachusetts, Tennessee, and New Hampshire, where hackers extracted large sums of money for the departments to regain access to their critical, encrypted data.

A new version, called Ransom32 is staggering.  The ransomware-as-a-service aspect of this code marks the biggest deviation from the norm, as it is being sold to would-be hackers as a complete package. In other words, instead of having to develop their own malicious code, less tech-savvy cybercriminals are able to purchase a program with which to inflict these kinds of problems. The sellers of this service simply ask for a percentage of the profits and for an upfront purchasing fee.

This makes the problem of ransomware even more important because this means more instances can be created and used by inexperienced hackers. The aforementioned predicted increase in these types of attacks becomes increasingly clearer – because of the wider user base of these ransomware-as-a-service programs.

The issue at hand: the dangers of a networked world are increasing with speed, and there’s no simple solution in sight. The cyberworld has created a new hyper-asymmetry.  Whereas in the analog world, war required perhaps three attackers to overwhelm one enemy combatant, in the digital world, one attacker could render 1,000 people helpless.

Ransomware is getting sophisticated. When ransomware first started appearing, it would include an alarming message telling the user that his or her computer had been infected and would need to be wiped clean with a (fake) anti-virus software. Now, however, those first-generation attempts at ransomware seem tame in comparison to the monsters of today.

Your Staff is the Target

  1. Train employees not to open attachments from people they don’t know.
  1. If practical, ban the use of personal email while at work. Security is compromised due to the variety of email services offered and the inability to control the content of these emails.
  1. Double-check all messages regarding financial matters: go to the bank/institution website directly; do not click on provided email links.
  • Verify all wire transfer requests with a phone call or another two-factor (described previously) authentication mechanism. Hackers frequently target the CFO and accounting departments of public companies. The most common practice is requesting wire transfers through email.
  1. Create complex, hard-to-guess passwords.
  • Mix numbers and letters, and symbols in passwords. Don’t use pet names, family names, etc. Long passwords using mixed characters are the best.
  • Use an unusual phrase instead of just a word, and replace letters with numbers or vice versa.
  1. Notify  Millennium Group of any unusual programs on your computer, or if your computer is warning you about disk issues, performance problems, etc.
  1. Discourage users from keeping personal data on business computers, and ensure they save all work files to a network location that is backed up and monitored.