Cisco: Brutal encrypted ransomware attacks coming
The fightback against ransomware could be short-lived as a Cisco report warns new strains may target entire networks and use encryption.
Ransomware is malware which encrypts valuable digital files on a computer or device – and potentially other computers on the same network – then demands a ransom for their release.
If the recipient of the email opens an attachment containing the malicious code or clicks on a link that infects their computer with the malicious software, a certain number of their files are then locked.
The ‘No More Ransom’ website – www.nomoreransom.org – was announced recently by Europol and will be dedicated to recovering files without the need to pay up, featuring more than 160,000 decryption keys.
However, Cisco said that cyber gangs could soon be launching more complex and devastating attacks and demanding higher ransoms.
Targeting networks rather than individual users, they could exploit server vulnerabilities and look to avoid detection by using encryption or limiting CPU and bandwidth use.
“As organisations capitalise on new business models presented by digital transformation, security is the critical foundation,” said Marty Roesch, chief architect at Cisco’s security business group.
“Attackers are going undetected and expanding their time to operate.
“To close the attackers’ windows of opportunity, customers will require more visibility into their networks and must improve activities, like patching and retiring aging infrastructure lacking in advanced security capabilities.”
Cisco urged its customers to install the latest security updates as soon as they are released.
Ransoms have typically been in the low hundreds of pounds – or even less – making it likely that victims will pay up to receive an encryption key and get their files back.
That in turn feeds the underground ecosystem, encouraging hackers to continue with their lucrative line in criminality.
Software security specialists Kaspersky Lab reported a 17.7 per cent rise in ransomware attacks in the 12 months leading up to March 2016, a total of 2.32 million upon an estimated 58 per cent of corporate PCs worldwide.
And it has also emerged that the cyber gangs are employing customer services teams and are willing to negotiate on price and deadline.
Experts from Pentest recently told BusinessCloud how their 'ethical hacking' can guard against ransomware attacks and find out whether companies' training of employees is working or not.
One of the latest forms of ransomware, nicknamed ‘Shade’, has been repelled 27,000 times by Kaspersky Lab and Intel Security software.
"Most infections occurred in Russia, Ukraine, Germany, Austria and Kazakhstan. Shade activity was also registered in France, the Czech Republic, Italy and the United States," the statement added.
"By making the payment you will be supporting the criminals' business.
“Plus, there is no guarantee that paying the fine will give you back access to the encrypted data.”