11th Gen Intel Processors May Get Built In Ransomware Protection

At CES 2021, arguably the most influential and significant tech event in the world, Intel made an important announcement regarding its historic eleventh generation of chips.

The latest designs will feature hardware-based ransomware detection protocols, which should serve to make those types of attacks less likely to succeed.

In 2020, ransomware became the attack vector of choice for hackers around the world. It’s easy to see why. After all, it sets up a win-win for the hackers. First, it brings an infected network to its knees, disrupting commerce and communications. It has brought an outright end to a great many companies that were simply never able to recover from a successful attack.

Second, it gives the hackers plenty of time to slip into the breached network and exfiltrate any files they like. Typically, hackers go for the high-value stuff first, like personally identifiable employee and customer information used in identity theft, payment card data, and the like. However, hackers are also often interested in proprietary company data that can be sold to rival firms. Taken together, the stolen data represents a significant payday for the hackers.

Then, on top of that, the hackers demand a hefty ransom in exchange for the decryption keys, which ultimately get the compromised network back on its feet. If the company refuses to pay, hackers are increasingly likely to publish some portion of the stolen data to embarrass the company in question, leading to further financial impacts.

All that to say, ransomware is an extremely attractive option from the perspective of a hacker, and anything that can be done to make that kind of attack less likely to succeed is a welcome addition indeed.

That’s where Intel’s TDT (Threat Detection Technology) comes into play. It creates an additional layer of security designed to shield a device from malicious code injections. How effective it will be remains to be seen, but it’s an exciting development indeed. Kudos to Intel.

Brand New Ransomware Found On The Internet

Hackers around the world didn’t waste any time. New Year’s celebrations have barely ended, and already, we have our first reports of a new malware strain to help ring in 2021. Dubbed Babuk Locker, the strain is aimed squarely at corporate networks.

Based on an analysis of the code, security experts have concluded that the software was designed by mid-level hackers.

It’s a bit of an amateur effort, but the malware is competently designed and the encryption function is rock solid, so if you fall victim to this ransomware, there’s no unlocking the files. You’re either going to have to restore from backup or pay the ransom in Bitcoin.

Babuk has only been used in a handful of attacks thus far this year. Then again, this year is only a few days old at this point, so we could be seeing the beginnings of a significant campaign. As ransomware goes, however, the creators of Babuk don’t seem to be overly greedy. The ransoms they have been demanding have ranged from $60,000 to $85,000 USD, payable in Bitcoin.

Given that the average last year was just over $110,000 USD, that’s not awful. Make no mistake, having to pay any amount of money to access your own files is unacceptable, but if you do fall victim to some type of ransomware, this is one of the least expensive strains out there.

In any case, the best-case scenario is not to fall victim to a ransomware attack in the first place. Given that these types of attacks have become many hackers’ go-to option, it pays to review your current security protocols and see if there’s any room for improvement.

Most people make at least a few New Year’s resolutions on December 31st. It’s certainly not too late to resolve to make your network security a top priority this year.

Cyber Attacks On Schools Are Increasing According To Recent Warning

With the pandemic still raging, many schools around the world are still shuttered as tens of millions of school-age children take to learning from home via remote or distance learning technologies. It is by no means a perfect substitute for in-person learning, but right now, at least, it’s the only viable option available.

Unfortunately, the trend has caught the attention of hackers around the world, and the FBI and CISA (Cybersecurity and Infrastructure Security Agency) have recently issued an alert warning that cyber attacks against such programs are on the rise, and that K-12 online learning programs are increasingly being targeted by ransomware attacks.

In fact, according to statistics collected by the agencies, in August and September of this year (2020) fully 57 percent of all ransomware incidents involved K-12 schools, up sharply from 28 percent as reported between January and July of this year.

These attacks aren’t coming from a single group, either. The two most popular malware strains being used against online learning infrastructure are Shlayer and ZeuS, but there are many others, including NanoCore, Gh0st, Kovter, Cerber, Dridex, and more. As you can see from this list, not all of the K-12 attacks are being made with ransomware. Some of the strains mentioned above are trojans and infostealers, but ransomware makes up the greater bulk of attacks being reported.

The information from the government agencies has also been confirmed separately by Check Point, which issued a mid-September report essentially reaching the same conclusions and warning of an ongoing surge of attacks against K-12 institutions.

Unfortunately, these types of attacks will probably only increase in their frequency before they start to fall off. However, now, with two vaccines on the horizon, there’s finally a light at the end of the pandemic tunnel. That means that with any luck, toward the end of next year, things may start returning to some semblance of normal. Until then, stay vigilant; it’s going to be a rough ride.

Watch Out for Egregor Ransomware Now Hitting The Scene

A new ransomware strain burst onto the scene in September of this year (2020). Dubbed ‘Egregor’ by the research team at Digital Shadows who discovered it, it has already claimed more than seventy victims in nineteen countries around the world. Worse, the hackers controlling it appear to just be getting started.

The malware is expertly designed and all of the hackers’ attacks have been meticulously planned. This information led the research team at Digital Shadows to conclude that the strain has been under development for quite some time, and that this operation isn’t being run by a group of novices or low-level hackers.

While they may not be working directly for a nation-state, they’ve got serious skills and should not be underestimated. The research team concludes that they’re just getting warmed up, and the months ahead could see the number of attacks this group is responsible for multiply greatly.

Naturally, hackers who deploy ransomware of any kind do so in order to get paid. In this case, the group behind Egregor sticks to convention and demands their ransom in Bitcoin, with the exact price varying from one target to the next.

While the malware campaign hasn’t been operational long enough to draw any firm conclusions about how they initially breach a target network, available evidence suggests that phishing campaigns play a major role. That’s not a great surprise, since it’s one of the main ways most hackers get a foot in the door.

In any case, this is a dangerous piece of code, and one to stay on the lookout for. While the hackers behind it don’t gouge quite as deeply as some other ransomware strains currently in use, a successful attack is still a lesson in pain that could seriously disrupt, or even end, your business. Stay vigilant, and make sure you’ve got a robust backup system in place.

People Are Paying Ransomware Attackers In Large Numbers In 2020

Hackers have increasingly gravitated to ransomware attacks in 2020 as one of the best and most reliable paths to a payday.

That brings to mind an interesting question, though. Naturally, the viability of this type of attack comes down to what percentage of victims are willing to actually pay the ransom. What is that number as of right now?

CrowdStrike recently took a deep dive into the best available data to find out. They discovered that slightly more than one in four (27 percent) of the companies that fall victim to a ransomware attack wind up paying the toll, rather than restoring from backup, and the average ransom demanded is now slightly higher than $1 million USD.

Given the steady rise in popularity of this type of attack, and how easy it is to avoid paying the ransom, one might wonder why such a high percentage of business owners opt to pay up. There are two parts to the explanation.

First, on the surface of things, it seems easy to set the conditions that would make it easy to recover from such an attack (have regular backups). Unfortunately, in practice, that’s easier said than done. Few companies back up their entire network from end to end, so even if they’ve got current backups, there’s going to be lost data, and it’s going to take quite some time to restore full functionality, figure out what’s missing, try to recreate that data, and so on.

The other issue is that in a surprising number of cases, a company’s backup plan isn’t as robust or as complete as they imagined it was. We’ve seen instances where the company’s CEO thought they were doing backups on a weekly basis, only to discover that the last good backup they had available was from six months before.

When you suffer from a ransomware attack and then find out your last backup is six months old, you don’t really have any other moves to make. You pay up and hope the hackers deliver on their promise to unlock your files.

Given the prevalence of ransomware attacks, if you’re not preparing for one, you should be. When was your company’s last backup taken? How sure are you about that?