Page 3 - Cyber Warnings
P. 3
Phishing Attacks and Ransomware Getting Smarter This Year
Friends,
Remember the days when you received a poorly written email with
misspelled words and bad grammar from an email address you never
had in your contact list? You quickly knew something was ‘phishy’
and simply ignored it. Well, my friends, those days are long gone. As
this year kicked off with a bang of attacks against Small to Medium
Sized Enterprises (SMEs), especially in Health care, we keep hearing
story after story of some organization paying the Ransomware fees.
Now, in the UAE, there were $3M in payments this month by banks to decrypt their systems –
yes, they paid that much to ‘unwind’ the malware and ensure their files were not lost forever.
But why should anyone pay these cyber criminals? It's really simple. Most organizations are
not prepared, especially the SMEs, for the flood of Ransomware making it onto their networks.
This is becoming a very lucrative business and with the advent of anonymous currency, the
‘bitcoin’, it’s easy to get paid and disappear (or come back later to the same victim for more
extortion). Yes, if you press for it, you can track down these hackers but it’s usually too late and
you’ve lost the data. Oh, the precious data! How can we risk losing it, ever? Just pay the
ransom, right? Wrong!
The real reason we’re seeing so much successful cyber crime extortion is simple – it’s more
than employee training – it’s about doing FREQUENT (even CONTINUOUS) backups and
testing them. You could avoid paying ransomware fees if you simply wipe the drive, re-image,
then restore. What? You forgot to test your backup system? You’ve never tested a restore
process? Aha, now we have it – the real issue is better PROACTIVE information security. To
top that off, we need to rapidly (and I mean in seconds or less), isolate the infected system and
take proactive measures to resolve the issue. I have seen very few companies in the market
today that focus on BREACH PREVENTION but that’s where the future of INFOSEC should be
going. It’s about real-time encryption, backups, testing restore processes, nailing your re-
imaging process and ensuring instant ability to quarantine systems with users who fall prey to
phishing attacks, remote access Trojans and ultimately the latest and most successful threat –
Ransomware.Training and retraining employees is very important but human frailty and error
always lead to intranet breaches and infections.
With that said, I hope you find some additional new ideas that will help you not be the next
victim, in this May 2016 edition of Cyber Warnings.
To our faithful readers, Enjoy
Pierluigi Paganini
Pierluigi Paganini, Editor-in-Chief, [email protected]
3 Cyber Warnings E-Magazine – May 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
