Cyber security threat has been on the rise for past few years and there is no second thought that Hackers are far more skilled than cyber security professionals of this generation. As the 2016 goes by we realize that predictions made by security researchers from Symantec, Kespersky and other security firms are pretty close to reality. This year we have seen a parallel rise in cyber security attacks and new malwares, but the prime focus of cyber criminals in 2016 are ransomware attacks.
Millions of users and thousands of organizations has suffered deadly ransomware attacks this year. A ransomware is a kind of Malware, which encrypts the user files and demands ransom to decrypt the data. Locky, Crypto, Crysis, Zcrypt and powerware are some of the most destructive ransomware that have ever hit the internet. Locky and Crypto are the top most ransomware this year because of the destruction they raised.
These ransomwares enters the users computer through malicious emails and once user open the infected file; it encrypts the data like files, pictures etc., and leaves a text.file that demands the amount in bitcoins. Malwares are not only limited to your personal computers they can also enter your mobile devices using different patterns or by bypassing the security of app stores.
According to Trend Micro a global leader in security software’s “more than 4 million samples of ransomware were identified in the second quarter of 2015, indicating an upward trend, as in the third quarter of 2013, fewer than 1.5 million samples were analyzed.”
The number has increased by far more drastically this year; when it’s compared from last quarter of 2015. Hackers are using new techniques of luring users into downloading infected files. There are many incidents reported this year, when a user was lured into downloading a malicious file. The file seems legitimate (invoice or Electronic fax) on the first look. But, when a user open the file; the ransomware begins encrypting files and folders on local drives, any attached drives, backup drives, and potentially other computers on the same network that the user computer is attached to.
Tips to deal with Modern day ransomware threats
Here are the few important tips for businesses and individuals who wants to avoid themselves from being a victim of ransomware attack.
- You should inform your employees about ransomware threats and what are the consequences if they make a mistake by downloading a malicious file on office network. They have a critical role in protecting the organization’s data.
- Patch operating system, software, and firmware on digital devices.
- Setup automatic updates for Antiviruses and Anti-Malware software. An out of date antivirus is useless and can’t protect you from ransomware attack.
- Configure access controls, including file, directory, and network share permissions appropriately. If users only need read specific information, they don’t need write-access to those files or directories.
- Manage the use of privileged accounts nobody should be assigned administrative access unless absolutely needed, and only use administrator accounts when necessary.
- Disable macro scripts from office files transmitted over e-mail.
- Backup your data on regular basis and check the security strength of those backups regularly.
- Most Important: Your backups shouldn’t be connected to the computer or network they are backing up. Because if your network is attacked by some ransomware; it can also gain access to your backups.