CBR: Ransomware is ‘not a lightning strike’. “Another worrying fact is that your organisation does not have to be cybersecurity negligent for an attack to be successful, everyone is at risk. More than 77 per cent of respondents hit by ransomware said they were running up to date endpoint protection when they were hit. This signals the critical need for innovative approaches to cybersecurity in general.”
The Register: Acronis: Ransomware protection! Get yer free ransomware protection!. “Acronis has released a free, standalone version of its Acronis Ransomware Protection with AI-based Active Protection tech. It can be used alongside existing backup and antivirus products on Windows systems.” The software is Windows only, but it is free and doesn’t require any sort of registration to download.
BetaNews: Ransomware happens — get over it and be prepared. “For those of you who have already read a thousand and one rehashes of the same ‘best practices’ to prevent getting infected, here are a couple of thoughts on what to do if someone on your team is unlucky enough to become patient zero at your company.”
BetaNews: ‘New Mafia’ cyber attacks on businesses up 23 percent in 2017. “A new report from anti-malware specialist Malwarebytes says that the volume and sophistication of cyber attacks is growing thanks to an increase in organized cyber crime it dubs the ‘New Mafia’. Ransomware attacks up to the end of October have surpassed total figures for 2016 by 62 percent. In addition, there has been an almost 2,000 percent increase in ransomware detections since 2015 — rising to hundreds of thousands in September 2017 from less than 16,000 in September 2015.”
From ZDNet (not just linking to the headline because it’s about 4000 characters long), a story on a new tool for identifying ransomware and available decryptors, if any. “The Bitdefender Ransomware Recognition Tool analyses the ransom note and the encrypted file samples to identify the strain of ransomware and suggest a decryption tool based on indicators of confidence. If the ransomware has an associated decryption tool, the platform provides a link to it in order to allow the victim to retrieve the files for free.”
SC Magazine: Locky makes a strong comeback, propelled by botnet-fuel spam campaign. “Reports have been pouring in this month about the sudden return of Locky ransomware, which had been largely dormant in 2017. In short order, researchers have discovered two new major versions of Locky being distributed via voluminous malspam campaigns.”
eWeek: The True Cost of Ransomware is Much More Than Just the Ransom. “In a ransomware attack, an attacker is able to install malware that encrypts data on a victim’s system. The victimized system will then have a message on it, instructing the user to pay the ransom, in order to decrypt the data. While ransom payments are a core part of the ransomware model, they are likely the smallest financial component in terms of the actual impact that organizations face in the aftermath of an attack.”