What You Need to Know about WannCry Ransomware ?. -Thousands of computers in the world are being attacked by viruses demanding ransom. The Wans Cry's Ransomware Virus has attacked 99 countries. Ransomware has infected a number of countries, including the United States, Britain, Spain, China, Russia, Italy, Russia, Taiwan and Ukraine. Meanwhile, Russia, Taiwan and Ukraine became a very bad country.
Then, what is ransomware?
What is ransomware?
Ransomware is a malware that scrambles data so you can not use your computer or android. Ransomware is one of the biggest problems in cyberspace today. Ransomware is a form of malware that encrypts documents on a PC or even on a network. Victims often just regain access to their files and PC by paying ransom money to cyber criminals behind it. Ransomware infection often begins when you click on what looks like a normal attachment, and this can be a headache for companies of all sizes.
If hackers infiltrate your corporate network, they will do everything possible to avoid detection. It is aimed at their best interest not to remind victims that they have been victimized by cyber crime. This is a characteristic of ransomware, with the technique of "silence" up to a certain time.
But now, if you're attacked by file-encrypting 'ransomware wanna cry', criminals boldly announce that they are holding your company's data until you pay a ransom.
Ransomware and IoT
IoT has a bad reputation for security. The more successful people enter the market, they will provide billions of new attack vectors for cyberspace criminals, potentially allowing hackers to host various types of IoT devices such as CCTV cameras and others.
There is even the possibility of hackers can infect medical devices, thus endangering lives directly.
Because ransomware continues to grow, it is therefore important for your employees to understand the threat it poses. Organizations can do everything possible to avoid infection, because ransomware can paralyze the service or cause more severe operational downtime.
There is also a sample of high profile targets that pay billions of rupiah to restore their network access. Especially in cases where criminals threaten to delete data if not paid.
Ultimately, regardless of the size of the company, the time is money and the longer your network is paralyzed, the greater the cost to your business. You should be able to know how much the losses and costs are resulting from a downtime.
History of Ransomware Virus
While ransomware exploded last year. Cyber attacks increased by about 748%, this is not a new phenomenon. The first example of what we now know as ransomware emerged in 1989.
Known as AIDS or PC Cyborg Trojan, the virus is sent to the victim. Ransomware wanna cry mostly targeting attacks to the healthcare industry. Ransomware will count the number of times each PC is booted: after it reaches 90 times and starts encrypting the machine. Then they will ask users to renew their licenses via 'PC Cyborg Corporation' by sending $ 189 or $ 378 to the postbox in Panama.
Do Companies Need to Worry About Wanna Cry Ransomware?
Simply put: ransomware can ruin your business. Being locked out of your own network even for a single day will have an impact on your income. But given that most ransomware casually casualties offline at least a week, or sometimes months, the losses can be significant. The offline system is so long not just because ransomware locks the system, but because of all the effort it takes to clean and restore the network.
And instead of just charging financially, ransomware can damage the reputation of the business. Consumers become alert to organizations that they believe are unsafe.
Indeed, criminals now offer a 'ransomware-as-a-service' scheme to potential users at no cost at sign-in. Instead of charging for ransomware code, they want a 50 percent cut.
How Does Ransomware Infect Your PC?
It is a modern enterprise dependency on the internet that enables ransomware to thrive. Everyday, every employee receives hundreds of emails and many activities that require employees to download and open attachments. So this is something that is often done on autopilot. Taking advantage of employee activity to open attachments from unknown senders can enable cybercriminals successfully propagate ransomware.
Like other forms of malware, botnets send mass ransomware. With millions of malicious phishing emails sent every second. Criminals use various feeds to push the target to open ransomware email. Starting from financial bonus offerings, fake online purchase receipts, job applications from prospective employees, and more.
While some messages provide clues about their bad nature with messages that do not match the strange words or addresses of senders, others are specifically tailored to look as safe as possible, and no different from other messages. This is where employee education is necessary as one way to prevent ransomware attacks from entering your system.
After a malicious attachment is opened, the user is encouraged to enable the macro in order to view and edit the document. When the macro is enabled, the ransomware code hides inside the macro. It can encrypt files in seconds and then request payment ranging from several hundred dollars to tens of thousands of dollars to recover the system.
Who Are the Goals of Ransomware?
Any business can be a victim of ransomware. But perhaps the most famous incident occurred when the Hollywood Presbyterian Medical Center in Los Angeles was infected with Locky's Ransomware. The infection caused the doctors and nurses were unable to access the patient's files for days. Eventually the hospital chose to give ransom demands to hackers to restore the service.
In fact, if your company uses cloud back up services that have adopted data behavior recognition technology, then you do not have to pay a ransom. Simply switch the temporary operations on the Disaster Recovery cloud service, wipe the entire device, and restore operations.
Hospitals and other health organizations are popular targets of ransomware attacks wanna cry. This is because they are often willing to pay. Losing access to data is a lifelong issue or death for them. The hospital does not want to be responsible by letting people die because of bad cyber security. However, there are still many cyber crime perpetrators who think that attacking the hospital is a despicable activity.
Do We Have to Pay Ransomware ?
Some say that the victim just has to pay a ransom, on the grounds that it is the quickest and easiest way to recover data. In fact, many organizations pay for it.
But be warned: if news comes out that your organization is an easy target for cybercriminals by paying a ransom, you can find yourself in the cyber criminal's other cyberfire aiming to exploit the security vulnerabilities in your company.
What does Bitcoin have to do with Ransomware?
The rise of crypto currency like Bitcoin has made it easier for cybercriminals to secretly accept payments. This is without risk the authorities can identify the perpetrators. Secure and untraceable payment methods make BitCoin a perfect fit for criminals who want their financial activities to remain hidden.
Cybercriminal gangs are becoming more professional. Some even offer customer service and help victims who do not know how to obtain or send Bitcoin. Because, what's the point of raising a ransom demand if the user does not know how to pay it?
And remember that you are dealing with criminals here. They may not keep their promises. There is a story about the victim paying a ransom and still not having the file returned.
How To Prevent WannaCry Ransomware Attack?
With emails that are by far the most popular attack vector for ransomware, you should provide employee training on how to recognize potential ransomware attacks wanna cry. Even taking a bit of an indicator like a bad format or an email claiming to be from 'Microsoft Security' sent from an obscure address that does not even contain Microsoft word in it can save your network from malware infections.
There is also something that can allow employees to learn from mistakes while in a safe environment. For example, one company has developed an interactive video experience that allows its employees to make decisions in a series of events and then finds the consequences of the problem at the end. This allows them to learn from their mistakes without having to feel the real consequences.
At the technical level, stopping employees from being able to enable macros is a big step to make sure they are safe from running Ransomware files. Microsoft Office 2016 - and now Microsoft 2013 - both bring features that enable macros to be disabled. At the very least, employers should invest in antivirus software and keep it up-to-date, so it can warn users about potentially harmful files.
Conclusion:
The security of IT infrastructure needs to be improved, especially in small and medium enterprises. Management can conduct regular cyber security training for employees. Disable macro function on windows operating system to protect employees from opening files infected with ransomware.
Cloud backup services with behavioral pattern recognition technology are the company's current needs. With the on demand system, SME companies can enjoy the disaster recovery as a service (DRaaS) facility that previously can only be enjoyed by large companies.
When a ransomware attack occurs, DRaaS can detect behavioral data that changes subtly even though smooth and stop the replication process. Thus, corporate data remains safe from ransomware attacks.
EmoticonEmoticon