Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .

Business

DON’T BE A HOSTAGE TO RANSOMWARE

Don’t be a hostage to ransomware

Latest-generation ransomware can permanently encrypt business files, unless you pay to free them. Tom Davison, technical director for Check Point looks at how ransomware is on the rise, and how firms can defend their data against being taken hostage

‘Your money or your life’ was a phrase favoured by the highwaymen of the 18th century. But while masked criminals on horseback robbing stagecoach passengers may be a thing of the past, the notion of holding valued items for ransom is still prevalent. Today, cybercriminals use malware known as ransomware to demand ‘your money or your files’, extorting businesses by holding their PCs or data hostage and demanding financial payment for their release.

Don’t be a hostage to ransomware

Don’t be a hostage to ransomware

Like most malware, ransomware can originate from opening a malicious attachment in an email, clicking on a deceptive pop-up, or simply visiting a compromised website. It threatens businesses in one of two ways: locking a user’s screen or file encryption. Lock-screen ransomware, as the name suggests, causes a PC to freeze while displaying a message with the criminal’s ransom demand, rendering the computer useless until the malware is removed. While this is a nuisance for users, it’s survivable because it typically affects a single PC, and is relatively easy to remove.

File encryption ransomware, on the other hand, is quickly emerging as a genuine threat to businesses because of its ability to permanently lock users out of their files and data – not only on individual PCs, but across organisations’ entire networks. Using encryption to scramble data until the ransom is paid, this type of ransomware attack has seen a 200% increase in Q3 of 2013, compared to the first half of the year. What’s more, the attacks have been focused on small and medium-sized firms, using CryptoLocker, one of the most destructive and malicious strains of ransomware ever seen.

Since being identified in late summer 2013, CryptoLocker has targeted over a million computers. Once activated on a user’s PC, CryptoLocker searches all folders and drives that can be accessed from the infected computer, including networked back-up drives on company servers. It then starts scrambling those files using virtually uncrackable 2048-bit encryption. The files will remain scrambled unless the business pays a ransom to those behind the attack in order to release the decryption key – assuming, of course, the criminals actually supply the key when paid. Without exaggeration, this loss of intellectual property and confidential data has catastrophic implications.

Defending against ransomware
So what can businesses do to protect themselves against these new, aggressive types of ransomware? As a first step, it’s important that organizations implement basic security best practices recommended to protect computers from any other type of malware:

  • Ensure anti-virus software is updated with the latest signatures
  • Ensure operating system and application software patches are up to date
  • Install a two-way firewall on every user’s PC
  • Educate users about social engineering techniques, especially involving unknown attachments arriving in unsolicited emails

However, these measures do not offer complete protection against attacks. It’s all too easy for an employee to inadvertently click on an email attachment, triggering an infection. It’s also relatively easy for criminals behind a ransomware scam to make small adjustments to the malware code, enabling it to bypass current antivirus signature detection, in turn leaving businesses vulnerable.

Better protection with sandboxing
To defend against new exploits that may not be detected by conventional anti-virus solutions, a new security technique makes it possible to isolate malicious files before they enter the network so that accidental infection does not occur.

Without impacting the flow of business, this technology,emulation, opens suspect files arriving by email and inspects their contents in a virtualized environment known as a ‘sandbox.’  In the sandbox, the file is monitored for any unusual behaviour in real time, such as attempts to make abnormal registry changes, actions or network connections.  If the file’s behaviour is found to be suspicious or malicious, it is blocked and quarantined, preventing any possible infection before it can reach the network – or users’ email inboxes – and nullifying the risk of it causing damage.  Furthermore, new cloud-based emulation services can deliver this protective capability to almost any organisation, of any size, with minimal set-up needs.

Businesses should consider taking these extra precautions to ensure they don’t fall prey to cybercriminals who need only a sliver of security weakness to get into the network and hold company assets hostage. With the potential to capture all of a company’s files and data in an instant, ransomware poses a significant threat that organisations should take seriously.

Businesses can try Check Point’s ThreatCloud Emulation service for free
here: https://threatemulation.checkpoint.com/teb/
www.checkpoint.com

Global Banking & Finance Review

 

Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!


By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post