On Friday, May 12, a new malware infestation, dubbed “WannaCry”, began affecting systems in Europe and Asia. Though some action was taken to shut down the initial variant of this malware, additional variants are expected today and on an ongoing basis. An infestation results in the encryption of data and a request for payment of ransom, followed by attempted infestation of surrounding connected systems.
Every year when spring arrives, people celebrate the end of winter and begin to emerge from their hibernation. It is during this season that summer preparations begin. Winter things are packed away, birds start building nests, and the deep greens of nature appear. Spring is a season of refreshing, whether for a person, a bird, or nature. Though we often do not consider it a part of spring cleaning, an important aspect of our lives that needs freshening up is our computing environment. Here we have provided a list of some critical items to put on your spring cleaning list. Doing so is a fantastic way to help you and your organization remain safe and secure.
2015 was rife with widespread propagation of ransomware and 2016 will be much the same.
What is it?
Ransomware is different from most historical malware. Instead of hacking into a computer to acquire and sell sensitive data, ransomware encrypts the data so it is unusable until the user pays a ransom. The hacker doesn’t have to conspire, nor share the payoff, with anyone. CryptoLocker, a Russian, email-borne malware, is the most notorious of known ransomware. It is estimated to have extorted more than $30 million.
First off, a little backstory. If you don't know what CryptoLocker is, it is a very effective piece of malware. Specifically, it is a type of malware that holds your information for ransom. Once installed on a system, it will communicate with some website to acquire an encryption key. OpenDNS and Cisco Web Security, mentioned in my previous post, can help block the malware's encryption key request. When this happens, the malware will still exist on the computer, but without the encryption key, it cannot encrypt anything.