Ransomware is one of these tactics. Attackers hold files and data hostage in return for payment, crippling the organization until they fulfill the demand set by the criminal. As the hackers discover new ways to extort money, it is critical that enterprises protect themselves using the past as an example. Continue reading to learn about five ransomware attacks from 2017 and the key takeaways from each of them to help you with your enterprise security strategy.
1. WannaCry
Making its debut in May 2017, these ransomware attacks exploited a vulnerability first discovered by the National Security Administration. Originally, the NSA intended to use this weakness for surveillance purposes; however, the masterminds behind WannaCry used it to extort money from enterprises worldwide.
The virus attacked entire network systems through standard PC File sharing paths. WannaCry brought organizations down, from Russia and the United Kingdom to the United States, holding their valuable data hostage until their demands were met.
2. Petya
Petya first made the news in 2016, affecting only Windows users through an email attachment that was downloaded and given permission to make administrative changes to the hard drive.
What made this ransomware unique? It didn’t encrypt specific files, instead it overwrote the master boot record and encrypted the master file table. The files stored on the computer were untouched, but users had no way to access them as they couldn’t boot their Windows operating system - making the system unusable until the ransom was paid.
Last year a new version, appropriately named NotPetya, transmitted just like the earlier strain and delivered an identical ransom note, but that was where the similarities stopped. Unlike the original, NotPetya did not actually hold files hostage. Instead, once the virus was activated it destroyed the files it found, making them impossible to restore.
3. Bad RabbitWhile Russia was the main target of this virus, it also impacted other countries such as Ukraine and Germany. It was also a good reminder that similar attacks could happen in the United States.
4. LockyIt’s important to note that the cybercriminals behind this attack designed it to infect the computer that downloaded it, as well as any device or computer that was attached to it.
5. Spora
Like Bad Rabbit, Spora was disbursed through valid websites. Hackers embedded these sites with a special JavaScript code, which then infected the user’s computer. This ransomware went one step further than the other viruses; not only did it hold files hostage using one of the most sophisticated designs, it stole sensitive information and sold them to other criminals on the dark web.
While it’s not likely the threat of ransomware will dissipate any time soon, there are tactics you can employ to protect your enterprise. After analyzing the five attacks above, we have developed the following suggestions to help safeguard your sensitive information from these crippling attacks.
If you need help exploring your organization’s security protocols and options, contact WEI, a trusted technology partner, today for a comprehensive security and threat prevention assessment.