Ransomware exposes poor data management hygiene

Posted by Mike Vizard on Apr 28, 2016 9:00:23 AM

As ransomware attacks continue to proliferate, the soft underbelly of IT — how organizations often manage their data in a cavalier manner — is finally being exposed.

Ransomware combines social engineering techniques, malware, and encryption to take an organization’s data hostage. As this scourge continues, digital criminals are getting more sophisticated about selecting their victims. For a while, they focused on hospitals, which have lots of sensitive data they need to be able to readily access. Now it’s become apparent that police departments are also favorite targets for much the same reason.


Topics: Malware

The FBI wants to see your malware

Posted by Mike Vizard on Apr 21, 2016 9:46:52 AM

The Federal Bureau of Investigation (FBI) would like IT services providers and their customers to share their malware with them. As part of its ongoing efforts to combat cybercriminals, the FBI has developed a massive database of malware that it uses to identify and keep track of the individuals and organizations that create malware.

Speaking at a DatacenterDynamics Enterprise conference in New York this week, Timothy O’Brien, a supervisory special agent for the FBI who leads a task force dedicated to combating cyberespionage, says the FBI now has six different task forces in place to help combat various types of cybercrime.


Topics: Malware

Samsam and Petya: The New Wave of Ransomware

Posted by Paul Hanley on Mar 30, 2016 5:17:42 PM

Malware development, like any other area in IT, is a hotbed of innovation and change. At the forefront of this trend are the groups responsible for developing ransomware applications such as TeslaCrypt and Cryptowall. Today’s news brings two new challengers: Petya and Samsam. They both contain the usual tricks: 2048-bit encryption, reliance on the use of TOR and other “shadow Internet” locations for payment, and headaches for everyone involved. That said, they each have some new tricks not yet seen in the space. Let’s take a look.


Topics: Malware

TeslaCrypt 4.0 ransomware ups the ante with unbreakable encryption

Posted by Paul Hanley on Mar 24, 2016 12:19:13 PM

When TeslaCrypt first arrived on the ransomware scene about a year ago, it seemed like a CryptoLocker copycat with a few new tricks, such as renaming existing files, deleting browser history to hide the source of the infection, and a peculiar appetite for Twitch streamers and multimedia creators. The authors of this malware strain are adapting quickly, proving themselves to be more than just another copycat and recently launching the fourth version of the malicious software, one even more damaging than the original.


Topics: Malware

KeRanger brings ransomware to the Mac

Posted by Mike Vizard on Mar 8, 2016 9:44:20 AM

Not too long ago, one of the benefits of using a Macintosh for work was that there weren’t enough of these systems in place to make it worthwhile for hackers to target them. Fast forward to today, and the growing popularity of Apple's Mac computers has now made them a much more lucrative target. Case in point is a new piece of ransomware that specifically targets Macs.

Like other pieces of ransomware, KeRanger malware counts on social engineering techniques to trick end users into clicking on an attachment that installs malware on their system. This malware gives the hacker the ability to encrypt all the data on that machine, and the only way to get that data back is to pay the hacker for the keys needed to decrypt it.


Topics: Malware

Locky malware creates potential IT security nightmare

Posted by Mike Vizard on Feb 23, 2016 10:36:04 AM

Most IT service providers that have any experience with IT security knew it was only a matter of time before a ransomware exploit wound up taking an organization's data hostage in a way that has no known remediation. Taking advantage of the fact that most end users are still pretty naïve when it comes to IT security, hackers have developed “Locky” malware, which uses macros in a Word document to insert code in an IT environment that encrypts all of the data in that organization. The hacker then demands money, usually in the form of untraceable digital Bitcoin currency, in exchange for the keys needed to decrypt that data.

The best known case of Locky malware being used as “ransomware” involves the Hollywood Presbyterian Hospital, which was recently forced to pay roughly $17,000 to regain access to its data. Hackers tricked one of the hospital's employees into downloading an infected Word document that instructed that user to click on a portion of the document that activated the malware using Microsoft Office VBA macro programs embedded within it.


Topics: Malware

Ask Intronis: How do I recover a customer after a CryptoWall 4.0 attack?

Posted by Courtney Steinkrauss on Jan 25, 2016 9:00:00 AM

Q: My team has been dealing with a worst-case scenario. One of our customers was hit with CryptoWall 4.0, and their systems need to be restored. We’ve paid the ransom, and the ordeal is over, but none of us (my customer and my team) want to deal with this again. To avoid another ransomware attack, I want to find out exactly how the malware infiltrated their network. How can I pinpoint where the breach happened and protect my customer from another attack?


Topics: Malware, Customer Management

CryptoWall returns for another round with CryptoWall 4.0

Posted by Paul Hanley on Nov 6, 2015 12:05:24 PM

The gold standard in ransomware, CryptoWall, is making the rounds again with a new 4.0 release. In this revision, there are some pretty important changes that are going to make life more difficult for both infectees and security researchers looking to counter the software’s malicious activities.


Topics: Malware

Top malware threats to watch: CryptoWall, Jellyfish, Demon, and Moose

Posted by Paul Hanley on Jul 2, 2015 8:50:00 AM

It’s becoming more and more commonplace to read headlines reporting the latest and “greatest” security breach affecting a major corporation. Target, Home Depot, Anthem, and even the United States government have all been affected by cybercriminals hacking into their systems and exploiting their sensitive information.

While these attacks are becoming more frequent, they’re also becoming more sophisticated. Cloud computing has made it easier for cybercriminals to infiltrate systems and obtain sensitive information. Of these cybercriminals, malware authors are key players. They’re creating new software used to steal this information, and they’re perfecting the variants of malware that already exist. To understand these developments, let’s look at the top three types of malware IT service providers and SMBs need to be aware of today.


Topics: Malware, Cyber Security

Quiz: How well do you know the latest malware threats?

Posted by Anne Campbell on Jun 30, 2015 11:30:00 AM

Think you’re a cybersecurity expert? It seems like a new malware strain crops up every day, continually putting your SMB customers—and their data—at risk. Staying ahead of cyber criminals and the latest threats can be a challenge, even for the most alert business owners and IT service providers.


Topics: Malware, Cyber Security
