fbpx
Mytek Logo
MyTek Logo

Ransomware is Now Aligned with Terrorism

by | Jun 14, 2021 | MyTek Blog, Security

Q

Subscribe To The Blog

By subscribing to the blog, you will be notified when a new blog post is created on the site.

Ransomware has changed from being an annoyance to being aligned with real global threats. The U.S. Justice Department officially has gone on record and has established that new ransomware investigations will be handled the same way that terrorism is handled. Let’s look into the reasons behind this new strategy and how your own business should be responding. Then, we’ll discuss Phoenix cybersecurity solutions to keep your business safe.

How Much Worse Has Ransomware Become?

Ransomware has always been dangerous and something to look out for. But now, with the major attacks that have happened lately, the issues of the past seem minuscule by comparison. While it would be terrible for your small business to be attacked by ransomware, it can’t compare to the major recent attacks like that of JBS and Colonial Pipeline.

Even so, no business is truly safe from cyberattacks and the results of one can be highly damaging. This is why the White House has recently stepped in, saying that they are warning companies to up their cybersecurity measures.

Other Governing Bodies are Following Suit

That isn’t all. Following the JBS hack, which has the potential to create huge economic ramifications, U.S. Congress is also considering the lack of federal oversight when it comes to the cybersecurity of meat processors. This oversight would be able to help prevent and mitigate attacks like these and stop the widespread of their impacts.

Ransomware Threats Are Also Getting Worse

With ransomware attacks targeting bigger and higher-value targets, the strategies used across the board are evolving and getting bigger and better. Let’s look at the ideal progression of a ransomware attack, but from the attacker’s perspective.

  1. Encrypt a targeted system using ransomware
  2. If the ransom is not paid, threaten to delete all of their data.
  3. Profit.

Because of this, the consensus among security-minded businesses was the keeping of an isolated backup, which they saw as the perfect failsafe against an attack like this. With this type of action, the encrypted data can be wiped and replaced with the backups for a relatively minor cost (especially in comparison to ransom costs). This is why we always recommend every business we encounter knows the importance of having a backup.

Unfortunately, this is not the only step needed to be taken since cybercriminals are now adapted their processes. Because of this, they are following slightly different methods than what we have seen before, such as: 

  1. Use ransomware to steal data and then encrypt it after it has been harvested.
  2. Threaten the company and say that their data will be deleted if the ransom is not paid. 
  3. Profit.
  4. Threaten the company and say that their data will be leaked or sold if a second ransom is not paid.
  5. Profit again.

This approach is a double-whammy that first was seen in late 2019, but has sadly exploded since. A recent survey stated that 77 percent of ransomware attacks now double as threats to leak data unless ransoms aren’t paid. This same survey also shared that attacks are increasingly being directed toward small or medium-sized businesses that have fewer resources and funds.

So, what can your company do now that keeping a backup may not be enough?

How a Business Can Resist Ransomware

First, let’s take a look at how the majority of modern ransomware attacks start. Half of these attacks come from the cybercriminal’s ability to get into your remote desktop software, through stolen or guessed credentials, or through a vulnerability that is unpatched. Any organization can prevent ransomware attacks by reinforcing password security and user management.

With stronger password requirements, such as two-factor authentication measures, you can eliminate threats related to insecure passwords. You can also use a password management platform to make complicated passwords easier to remember, so your systems can be as secure as possible.

You should also invest in a dark web monitoring service that can help you identify if your data and passwords have been exfiltrated or compromised. While this can’t undo the damage that has already been done, it can help you identify your weak points and fix them before anything else is compromised.

We wish that we could tell you that cyberattacks won’t get worse, but we can’t, so instead, we are dedicated to helping you do whatever we need to stop them. MyTek is here to help you have the best Phoenix Cybersecurity Solutions, so give us a call today at 623-312-2440 to learn more.

ABOUT THE AUTHOR

Tim - Team

Tim Tiller, LMSW

 
Tim Tiller, MSW brings a deep service background to his role at Mytek, having graduated from McDonald’s management training program, fresh out of high school, and working his way up through the ranks in the hospitality industry. He has led two prior companies – Multi-Systems Inc., an IT-focused organization providing technology to hospitality companies (where he was named President at age 36), and most recently, as Chief Operating Officer for Jewish Voice Ministries International.

Q

Subscribe To This Author

By subscribing to the author, you will be notified when a new blog post is created by the author.

AUTHOR’S RECENT POSTS

Top 5 Hardware Monitoring Software 

Did you know that almost 40% of servers had at least one outage in the last twelve months? Veeam reports that the most common reason for outrages is infrastructure failure which puts the current hardware monitoring practices under the scanner. Hardware failures are...

Types of Mobile Malware & How to Defend Against Them

Malware has a long history of undermining computer security and stealing critical data. With the rapid growth of mobile usage, we're now seeing a new breed of mobile malware infecting smartphones and tablets. The new-age mobile malware are more advanced, seamless, and...

How to Protect Your Data Privacy & Enhance IT Security

Every time you use a device, you enter, modify or access data. Some of your usages are routine and public but sometimes you perform tasks that are confidential in your personal life or business. Naturally, this type of data is private and it should be kept that way....

Mobile? Grab this Article!

QR Code

Blog Archive

Share This