Ransomware Attacks – Stick ‘Em Up, We Have Your Data

Ransomware Attacks - Stick 'Em Up, We Have Your Data

by Ariel King, Security Engineer

Everyone is all too familiar with your classic kidnapping accompanied by a ransom note with letters cut from magazines. However, how familiar are you with the possibility your files are the hostage and the ransom note is a message in red font splayed across your computer screen?  Unfortunately, in 2018 alone, there were an estimated 204 million ransomware attacks.

Ransomware is a type of malware that prevents access to a system or personal files until a ransom is paid. Without payment within a specified time, the victim runs the risk of losing their data entirely, ransom price increasing or having their data published.

Recent Victims of Ransomware Attacks

A data center in Argentina housing local government files and CyrusOne, a prominent data center provider in the U.S., were recent victims of ransomware attacks. In the case of the Argentine data center, 7,700 GB of data were encrypted, and a ransom of between $37,000 and $370,000 was established in exchange for having the files decrypted. Ultimately, the data center was able to recover 90 percent of the encrypted data, but it may take at least 15 days for the data to be unencrypted.

As for CyrusOne, things are not as optimistic, given their attackers were the infamous Sodinokibi. It is a version of the REvil ransomware that led to a hacker receiving $287,000 of bitcoin in only three days. CyrusOne publicly stated they will not pay the ransom and is currently working alongside law enforcement and forensic firms to analyze the attack and help customers restore the lost data.

Sodinokibi ransomware attacks have proven to become a significant and increasingly frequent issue. More than 400 American dentist offices were infected with Sodinokibi ransomware through compromised software providers like The Digital Dental Record and PerCSoft, both medical records retention and backup solution marketed to dental offices. The breached software delivered the Sodinokibi ransomware to hundreds of computers used in dental offices all over the U.S. Both software providers shared a decrypter with the affected dental offices to assist in recovering encrypted files. However, it was stated by several of the offices that the decrypter either didn’t function or did not facilitate full data recovery.

Are You at Risk?

Many are under the misconception that an anti-virus program solves all malware problems; however, the different methods used by hackers to deliver ransomware goes beyond the scope of an anti-virus program. The most common techniques used by hackers to deploy ransomware are through phishing emails and drive-by downloads. Other popular methods are infected USBs and removable media, along with remote desktop protocol (RDP).

Approximately 93 percent of phishing emails are said to contain encryption ransomware. The emails are sent from spoofed addresses that appear to be from a credible source such as a colleague or trusted vendor. Phishing emails deliver either a malicious link or executable file that may come in the form of a ZIP file or word document. These emails may contain a tone of urgency demanding that the user take action by downloading the attachment or clicking on a link that takes the user to a fake webpage appearing to be a trusted site. Another similar method is drive-by downloads that consist of “sketchy” or uncertain sites that contain embedded malicious code. However, not all drive-by downloads are limited to obscure sites; you have legitimate websites whose software vulnerabilities have been taken advantage of and used to insert malicious code. This code does not need to be activated by the user clicking on anything. Instead, the device used to visit the compromised site can be scanned for vulnerabilities, and through those “holes,” the code can be inserted and executed.

Previous

Next

Managed Detection & Response

Comprehensive solutions to detect, prioritize, and address security incidents.

Managed Security Services

24 X 7 X 365 monitoring, management, and system maintenance.

Email Protection Suite

Monitor and manage your email environment with advanced email security and compliance protections.

Cloud Email & Collaboration

Cloud office productivity enhanced with proven security and compliance protection.

How does SilverSky's integrated stack of solutions meet your needs?


Compliance & Risk Services

Assess your program and controls, benchmark and identify areas for improvement. Develop your security roadmap for investment and improvements. Effectively measure ROI and impact on your security posture

Incident Response Readiness

Incident Response Plan Development / Review. Incident Response Readiness Review. Emergency Incident Response.

Discuss your compliance, risk management and incident response readiness needs.

Schedule Free 1-on-1 Consultation


Financial Services

1,500+ small & mid-sized financial institutions rely on SilverSky to meet and exceed FFEIC, GLBA and PCI DSS requirements and overall cybersecurity needs.

Healthcare

Hundreds of small & mid-sized healthcare organizations rely on SilverSky to address HIPAA and other regulatory requirements and serve overall cybersecurity needs.

Retail

Small and mid-sized retail organizations count on SilverSky to maintain PCI DSS requirements, secure customer data and reduce cybersecurity threats.

How Exposed Are You?

Take the test to see how your security program compares with other businesses like yours.


Resources

White papers, guides, tools, on-demand webinars, case studies and more. Explore a range of topics. 

Events

Blog

Product Sheets

SilverSky product and services information at your fingertips. Product data sheets, compliance matrixes, & brochures.

How Exposed Are You?

Take the test to see how your security program compares with other businesses like yours.


About Us

Did you know that SilverSky enjoys a 97% customer satisfaction rating and a 87.5% customer retention rate from thousands of small and mid-sized companies?

Looking to strengthen your cybersecurity?


Become A Partner

Partner with SilverSky to tap into the approaching $300 billion+ cybersecurity market.

Talk to one of our partner managers and consider expanding your cybersecurity offerings.

Schedule Partner Exploration Discussion