How was your 2017?
The past year was a pretty good one for ransomware.
Malicious software spared no effort in reaching private and business accounts. According to Global Threat Intelligence Report 2017, during the 12 month period 6.2 billion attempted attacks were detected.
Osiris, Cerber, and Locky are not just good names for your dog, they are nightmares for any vulnerable workstation around the globe.
This year’s attacks were somewhat nontraditional and impressed security specialists with the new techniques and tools. Most of them were aimed at causing as much financial damage per user as possible. Cyber attacks will remain the greatest threat to companies around the world. Let’s have a look at 2017’s top 5 “harvests” according to Hideez. These examples are not the leastor the last and everyone should know how they can protect their personal accounts or businesses from ransomware.
This popped up on researchers’ security radar in March. It didn’t encrypt user’s files directly, it encrypted the master file table that NTFS disks use to keep info about the location, size, and file names on the physical disk. Petya replaced the operation system’s bootloader with its own malicious code. Thus, your computer just can’t boot. Also, Petya does its best to obtain administrator privileges. This ransomware gets in using an age old technique: the user gets a fake job application. They click on it, and Petya colonizes their virtual property.
NotPetya started its activities as a fake tax software update. It is a variant of a modernized Petya attack. The difference is that this ransomware uses the same malicious code as WannaCry. The software which is applied to devices spreads from network to network like a swarm. It was aimed at damaging the infrastructure of a country – banks, supermarkets, airports – and succeeded for some period of time. It was not only aimed at earning money, about 300 in bitcoins per victim, but probably the main point was destroying everything along the way. More than 150 countries were infected.
WannaCry was spread through spam emails. The content of the malicious letter included fake job offers, invoices, and other .zip archives that, after opening, spread the ransomware through the victim’s PC. The user just clicked the download button and the ransomware got to work.
This was born in 2016, and in 2017 was still feeling good. Locky is a phishing email attack. Emails that seemed like like Herbalife, Amazon invoices or something like that, contained zipped malicious attachments. The users had to pay from 1 to 40 bitcoins to get access to their systems again. It sent more than 20 million spam message per day. We hope you were not among the victims.
Cerber was nominated as one of the most prolific threats among crypto-malware. It steals passwords and cryptocurrency from victims. Spread all over the world through Remote Desktop Protocol (RDP), ransomware as a service (RaaS), and of course spam email. Еhis malware not only encrypts data on the computer but also removes automatic backups from it. As with most malware, CrySis demands bitcoins.
What to do to avoid ransomware?
Of course, it is no fun to deal with ransomware. If you don’t want someone to demand bitcoins from you for the encrypted data on your computer and you don’t want your backups to be removed, be careful and responsible with your computer security.
Bad Guys count on your impulses getting you into trouble. Most of the viruses are distributed via spam emails. So, think twice before you press the download button, even if the message contains congratulations. Check through another channel of communication whether the mailer really sent a letter to you.
Take care of your private accounts and don’t let bad guys send spam to your family and friends from your pages. To avoid this problem, set strong passwords on your devices, don’t keep your passwords where someone could access them physically, create strong passwords that are difficult to guess, and don’t use the same passwords for all your accounts.
We created Hideez key to make your online protection safe and convenient. There is no need to remember passwords to all your accounts anymore or to type them in. Modern life brings new online challenges, but modern solutions can help as well. Take advantage of them.