Articles about Ransomware

Ransomware attacks are a major problem and they often gain access to systems via brute-force attacks against open and exposed remote access points such as Remote Desktop Protocol.

Cloud-native virtual application delivery platform Cameyo is launching its new RDP Port Shield security technology, along with a free, open source monitoring tool that any organization can use to identify attacks taking place over RDP in their environment.

Continue reading →

The education sector has become one of the most sought after targets for cybercriminals, according to the latest report from Malwarebytes Labs.

In the first half of 2019, the top three largest categories of threats identified among education institutions' devices are adware (43 percent), Trojans (25 percent) and backdoors (three percent). However, ransomware dropped to less than one percent in this period -- though it was higher both before and after the study.

Continue reading →

Detections of ransomware aimed at businesses rose by a massive 363 percent between the second quarter of 2018 and the same period this year. Meanwhile consumer ransomware is down 34 percent.

The latest quarterly threat report from Malwarebytes also sees a 235 percent overall increase in threats aimed at organizations from enterprises to small businesses, with ransomware as a major contributor.

Continue reading →

The cybercriminal's most effective weapon in a ransomware attack is the network itself, which enables the malicious encryption of shared files on network servers, especially files stored in infrastructure-as-a-service (IaaS) cloud providers.

This is according to a new report from threat detection specialist Vectra which finds that by encrypting files that are accessed by many business applications across the network, attackers achieve an economy of scale faster and far more damaging than encrypting files on individual devices.

Continue reading →

Security firm BitDefender has teamed up with the FBI, Europol and other agencies and created decryption software that enables ransomware victims to get their data back for free.

The tool can be used to retrieve files encrypted by the GandCrab family of ransomware which is thought to have originated in Russia. GandCrab has been active for around a year and a half, and hundreds of thousands of people have fallen victim to it.

Continue reading →

The latest quarterly threat research from Malwarebytes for Q1 2019 reveals a 200 percent jump in ransomware and continued increase in business targets for cyberthreats.

This shift back to ransomware comes in the wake of a continued decline in cryptomining, as well as an increased focus on mobile attacks and large-scale business invasions.

Continue reading →

Last month Aluminum manufacturer Norsk Hydro was hit by a large scale ransomware attack that affected its systems across the globe and caused severe disruption to its operations with an estimated impact of more than $35 million..

The attack used the LockerGoga ransomware and the threat research team at Securonix has been monitoring the malware, which also caused problems for a number of other companies.

Continue reading →

Emsisoft has released a free decrypter tool for anyone who has been struck by the Planetary Ransomware, eliminating the need to pay a fee to the attackers.

Before using the tool you are advised to ensure that you have removed the malware from your computer -- something you can do with the free version of Emsisoft Anti-Malware. You also need to ensure that you don't delete the ransom note ("!!!READ_IT!!!.txt") or the decrypter won't work.

Continue reading →

Despite the fact that in recent months we've seen cybercriminals focusing their efforts on businesses, 68 percent of infections are seen on consumer endpoints, compared to 32 percent on business endpoints.

This is one of the findings of the latest Webroot Threat Report, which also shows that legitimate websites are frequently compromised to host malicious content, with 40 percent of malicious URLs hosted on good domains.

Continue reading →

Ransomware attacks are increasingly well targeted and complex, and they can prove devastating for businesses.

Storage specialist Cohesity is launching a new set of anti-ransomware capabilities for its DataPlatform that can directly combat attacks.

Continue reading →

A number of major US newspapers -- including the Los Angeles Times, Chicago Tribune, Wall Street Journal and New York Times -- have been hit by a cyberattack that is said to originate from another country.

Malware was first detected on Thursday by Tribune Publishing, the owner of some of the affected titles, but unsuccessful attempts at quarantining meant that there was disruption well into Saturday. The Department of Homeland Security is currently investigating the incident which is not thought to have exposed any personal customer details.

Continue reading →

In an interesting new trend some companies are claiming to be able to unlock encrypted files following a ransomware attack, but are in fact simply acting as brokers between victims and attackers.

Researchers at Check Point have discovered a Russian IT consultancy named Dr. Shifro that claims to unlock and recover consumers' and businesses' encrypted files.

Continue reading →

An increasing number of enterprises are considering pre-purchasing cryptocurrency in anticipation of potential ransomware attacks. But is this a valid risk-reduction strategy for enterprises?

To get some views on this controversial issue, we spoke with Mike Doran, senior security consultant with the enterprise incident management team at cybersecurity specialist Optiv, and former computer forensics examiner with the St. Louis Metropolitan Police Department.

Continue reading →

Getting hit by a ransomware attack is bad enough; it means that your files have been encrypted and you'll be asked to pay a fee in a cryptocurrency such as Bitcoin or Ethereum to unlock them. The problem is that paying the ransom is in no way a guarantee that your files will be decrypted -- the ransomware was created by criminals, after all.

If you've been struck by the Thanatos ransomware, however, there's good news from Cisco Talos. The company has analyzed the malware and developed a free decryption tool that will enable you to get your files back without having to part with any money.

Continue reading →

Ransomware is a very real threat that targets businesses of all sizes and industries. Really any business can be a target. With that being said financial institutions and retail are most at risk given the transactional nature of their business and the number of people that may have access to a terminal or computer at any given point in time.

The first thing that an organization needs to do is recognize that they are a target for ransomware just like any other company. Next, they need to ensure that they have the proper tools anti-virus/anti-malware installed on all computer systems to detect and defend against ransomware attacks. Of course, after this comes ensuring that the anti-virus/anti-malware software is kept up-to-date to ensure that the signature and traffic detection patterns are updated. It is critical that businesses have some sort of ransomware defense plan in place.

Continue reading →