Ransomware Attacks - Stick 'Em Up, We Have Your Data

Everyone is all too familiar with your classic kidnapping accompanied by a ransom note with letters cut from magazines. However, how familiar are you with the possibility that your files are the hostage and the ransom note is a message in red font splayed across your computer screen? Unfortunately, in 2018 alone, there were an estimated 204 million ransomware attacks.

Ransomware is a type of malware that prevents access to a system or personal files until a ransom is paid. Without payment within a specified time, the victim runs the risk of losing their data entirely, seeing the ransom price increase, or having their data published.

Recent Victims of Ransomware Attacks

A data center in Argentina housing local government files and CyrusOne, a prominent data center provider in the U.S., were recent victims of ransomware attacks. In the case of the Argentine data center, 7,700 GB of data were encrypted, and a ransom of between $37,000 and $370,000 was established in exchange for having the files decrypted. Ultimately, the data center was able to recover 90 percent of the encrypted data, but it may take at least 15 days for the data to be unencrypted.

As for CyrusOne, the outlook is not as optimistic, given that their attackers were the infamous Sodinokibi. It is a version of the REvil ransomware that led to a hacker receiving $287,000 of bitcoin in only three days. CyrusOne publicly stated that it will not pay the ransom and is currently working alongside law enforcement and forensic firms to analyze the attack and help customers restore the lost data.

Sodinokibi ransomware attacks have proven to be a significant and increasingly frequent issue. More than 400 American dentist offices were infected with Sodinokibi ransomware through compromised software providers like The Digital Dental Record and PerCSoft, both medical records retention and backup solutions marketed to dental offices. The breached software delivered the Sodinokibi ransomware to hundreds of computers used in dental offices all over the U.S. Both software providers shared a decrypter with the affected dental offices to assist in recovering encrypted files. However, several of the offices stated that the decrypter either didn’t function or did not facilitate full data recovery.

Are You at Risk?

Many are under the misconception that an anti-virus program solves all malware problems; however, the different methods used by hackers to deliver ransomware go beyond the scope of an anti-virus program. The most common techniques used by hackers to deploy ransomware are phishing emails and drive-by downloads. Other popular methods are infected USBs and removable media, along with remote desktop protocol (RDP).

Approximately 93 percent of phishing emails are said to contain encryption ransomware. The emails are sent from spoofed addresses that appear to be from a credible source such as a colleague or trusted vendor. Phishing emails deliver either a malicious link or an executable file that may come in the form of a ZIP file or Word document. These emails may carry a tone of urgency, demanding that the user take action by downloading the attachment or clicking on a link that takes the user to a fake webpage appearing to be a trusted site. Another similar method is the drive-by download, which relies on “sketchy” or uncertain sites that contain embedded malicious code. However, drive-by downloads are not limited to obscure sites; legitimate websites with software vulnerabilities have also been exploited and used to host malicious code. This code does not need to be activated by the user clicking on anything. Instead, the device used to visit the compromised site can be scanned for vulnerabilities, and through those “holes,” the code can be inserted and executed.
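A mail-triage check for the phishing traits described above: a reply address that does not match the sender, urgent wording, ZIP/Word/executable attachments, and a link whose visible text hides a different destination. This is an added example, not code from the original article; the sample message, the `.example` domains, the extension list and the function names are constructed for illustration, and a Reply-To mismatch is only one heuristic for a spoofed sender.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message; every name and domain in it is made up.
SAMPLE = """\
From: "Accounts Payable" <ap@vendor.example>
Reply-To: billing@vendor-pay.example
Subject: URGENT: invoice overdue, action required today
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html

<a href="http://portal.vendor-pay.example/login">https://vendor.example/portal</a>
--b1
Content-Type: application/zip
Content-Disposition: attachment; filename="invoice.zip"

AAAA
--b1--
"""

RISKY_EXT = (".zip", ".exe", ".js", ".scr", ".doc", ".docm", ".docx")  # illustrative list
URGENCY = re.compile(r"\b(urgent|immediately|action required|overdue)\b", re.I)
# Captures (host in href, host shown to the reader) for links displayed as a URL.
LINK = re.compile(r'<a\s+href="https?://([^/"]+)[^"]*"[^>]*>\s*https?://([^/<\s]+)', re.I)

def domain(value):
    """Lower-cased domain of an address header, or '' when the header is absent."""
    return parseaddr(value or "")[1].rpartition("@")[2].lower()

def triage(raw):
    """Return human-readable flags for the delivery traits described above."""
    msg = message_from_string(raw)
    sender, reply, flags = domain(msg["From"]), domain(msg["Reply-To"]), []
    if reply and reply != sender:
        flags.append(f"Reply-To domain {reply} differs from From domain {sender}")
    if URGENCY.search(msg["Subject"] or ""):
        flags.append("urgent wording in subject")
    for part in msg.walk():
        name = (part.get_filename() or "").lower()
        if name.endswith(RISKY_EXT):
            flags.append(f"attachment to sandbox: {name}")
        if part.get_content_type() == "text/html":
            html = part.get_payload(decode=True).decode("utf-8", "replace")
            for href, shown in LINK.findall(html):
                if href.lower() != shown.lower():
                    flags.append(f"link text shows {shown} but href goes to {href}")
    return flags
```

Calling `triage(SAMPLE)` returns four flags; a message that trips several at once is a candidate for quarantine rather than delivery.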
