The news is buzzing with instances of companies being taken for a ride by cyber thieves. Their new tactic? Injecting dangerous software into the organization and locking their data up until a ransom is paid. While the FBI still recommends not paying the ransom, enterprises are taking varying approaches to combatting ransomware. In this post we dive into some recent ransomware attacks and takeaways your organization can learn from them.
Last year, ransomware became a $1 billion dollar industry. If ransomware were a traditional legitimate industry it would be the focus of case studies for business schools at colleges and universities across the world. Its exponential growth has been unprecedented and its nefarious means of encrypting one’s data files to garner ransom has captured the headlines of newspapers, journals, blog sites, and news channels. One billion dollars brings a lot of attention and spotlight to something.
With the wide range of reported cybersecurity incidents and hackers getting more creative than ever before, there is no shortage of threats to the modern enterprise. IT managers must not only secure current data and systems, but preemptively protect against ongoing future threats, which are constantly evolving. While there are well-known versions of malware, “Tellingly, WatchGuard’s inaugural Internet Security Report found that some 30 percent of malware in Q4 was new, or ‘zero day.’ (Not to be confused with zero-day exploits.) In other words, one-third of malware identified wouldn’t be caught by legacy antivirus solutions,” according to PYMNTS.
Surely you’ve seen rampant news reports of malware breaches and incidents of cyber hacking at enterprises around the world. From hospital hackings to financial services heists, digital criminal activity is a very real threat in today’s business climate. Read on for the details your enterprise needs to know about malware, in addition to three tips to protect your organization.
As malware continues to evolve at lightning speed, it’s getting more and more difficult to prevent and identify its existence. A computer attack from the APT virus is both insidious and crippling for enterprises. Its lifecycle, if well-masked, can do some real damage in just 12 months. An Advanced Persistent Threat attack on a bank revealed that it’s a methodical attack. Here’s how it unfolded. Seasoned cybercriminals mined the bank’s social media platforms and website to identify its hosts and senior personnel. Stolen data was then used to launch phishing email campaigns and launched malware on the bank’s executives’ laptops. Undetected by antivirus software, the attack expanded throughout the business. All of this took just three months. Over the next several months, the malware had injected a code into all of the infected systems. Slowly, it stole passwords, security policies and network diagrams. The organized crime ring used this data for a more offensive attack across the company’s network. The last two months of the malware attack entailed downloading the bank card information of more than 50 million bank customers.