Cyber-Security in 120 Secs:  The Ransomware Epidemic

Screen Shot 2017-07-28 at 07.59.23.png
This week the ransomware impact of downtime is setting back small businesses more than the ransomware demanded amount; A new version of Trickbot banking trojan has  replicated the exploit that allowed WannaCry and Petya/NotPetya to spread worldwide; In the last two years, ransomware criminals have collected at least $25M making it a profitable illegal business.


Highlighting the cyber-security news from the past week in a 120 sec. read. Starting now.

Ransomware Downtime 

Downtime caused by ransomware is hurting small businesses more than the ransomware demanded amount.

Why is this significant?

          • Ransomware demands of $1,000 or less are minor compared to the cost of downtime, revenue loss, and fallout for small businesses impacted by ransomware.
      • In about 22% of businesses, ransomware caused immediate downtime; “27% were down for one- to eight hours; 23%, nine- to 16 hours; 24%, 17- 24 hours; and 15%, 25- to 100 hours”
  • Small businesses are set back with ransomware attacks which ultimately forces them back to using old methods like pen and paper or using a stopwatch to time broadcast segments just as KQED radio station experienced.

//**enSilo protects against generic ransomware out of the box.//**

Ransomware.  Any questions?

Read the full story in Dark Reading

Ransomware Methods of Attack 

Cyber attackers share, learn and copy methods of attack to stay ahead of mitigation.

Why is this significant?

      • Researchers have discovered cyber criminals behind Trickbot banking Trojan are adopting their techniques to “crudely replicate the exploit that allowed WannaCry and NotPetya spread worldwide".
      • It’s a matter of “when” the next worldwide attack will occur. Attackers are constantly modifying and tweaking ransomware strands to defeat detection and now copying techniques of prior non-related attacks.
      • Petya/NotPetya is a prime example of how attackers can increase the destruction and even disguise their methods of attack. Petya/NotPetya was recognized as ransomware when it turned out to be a wiper~ which moves the needle for the sophistication of a worldwide attack to new levels.

//** enSilo researchers prove that EternalBlue exploit is still very effective and that ransomware like Not-Petya and WannaCry are still a significant threat//**

Read the full story in ZDNet


Ransomware Cost

Ransomware is an illegal, but a profitable business.

Why is this significant?

      • Who is the target? Ransomware can be a widespread attack (WannaCry) making every industry vulnerable. Targeted ransomware is when an attacker targets a specific company/vertical (SamSam) and the attacker identifies how valuable the data is at stake and increases the value of the demand according to the value of the data.
      • What’s the cost? An accumulated cost of $25M has been paid to ransomware criminals in the past two years. 
      • How to stay protected? Update backups regularly; patch entire systems immediately, especially if using legacy systems; layered security with an automated endpoint with pre-and post-infection protection is key.
      • Cost? The average ransomware demand range is: $700-$1300. Victims paying the demanded amount have a 70% chance of receiving a legit encryption key. 

//**Learn more about targeted ransomware vs. generic ransomware//**

Read the full story in CSO

Related Blog Posts