Methodist Hospital in Kentucky made national headlines recently after a dangerous ransomware virus called “Locky” encrypted scores of its important digital files, paralyzed critical IT systems, and forced hospital staff to revert to pen and paper to track patient care.
The attack proved once again that those responsible for spreading ransomware are merciless--and they’re not backing off anytime soon. Ransomware has been on the rise in recent years, and 2016 is already shaping up to be a frighteningly successful year for cybercriminals. Here’s a quick look at some of the latest developments on the ransomware front.
Malvertising scam causes spike in ransomware infections.
Email is certainly a popular way to spread ransomware. Another way is to get some of the biggest online publishers in the world to do it for you. The New York Times, BBC, MSN, the NFL and AOL top the list of major online publishers that in March became unwitting pawns in a large-scale malvertising scheme. Cybercriminals created malicious digital advertisements and uploaded them to online ad networks where they were distributed to media giants and consumers around the world. The malvertising scheme led to a major uptick in worldwide ransomware infections and had many online publishing executives scratching their heads in disbelief.
Mac users are increasingly being targeted.
Apple Macintosh users love to talk about how secure their computers are--and, for the most part, they are. But that doesn’t mean Macs are completely safe from ransomware. Cybersecurity experts recently spotted the first-ever ransomware attack against Apple Macintosh OS X users. And, given the tenacity of today’s cybercriminals, you can bet there will be more Mac attacks in the future.
Ransomware syndicates get more sophisticated.
It’s no secret that ransomware is most often spread through phishing emails that include malicious links and attachments. And in the early days of ransomware, those emails were messy, full of typos and fairly easy to identify as fraudulent. But that’s no longer the case. Today’s cybercriminals have sophisticated tools, and the phishing emails they send are more likely to seem like normal correspondence from friends, family and businesses.
Cybercriminals around the world have also learned to pool resources and work together. And, thanks to do-it-yourself Ransomware-as-a-Service (RaaS) sites on the deep Web, anyone can launch a ransomware attack as long as they let other criminals share in the profits.
Best practices for protecting your clients.
One way to protect your clients and their employees from ransomware is to school them on digital hygiene best practices. That means avoiding clickbait and being sure not to open email attachments from unknown senders. I’m even skeptical of unexpected attachments from addresses that look familiar. Just remember that even the most vigilant computer users can still fall victim to ransomware.
Firewall and anti-virus software that is kept up to date can also help your clients prevent ransomware infections, but they are by no means foolproof. Cybercriminals have figured out lots of ways to detect and circumvent both lines of defense.
The best way to protect your clients is to help them proactively implement a high-quality backup system with versioning capabilities before they’re attacked. That way, if they’re ever attacked with ransomware, all you’ll need to do is delouse the system and return it to a healthy state, delete the infected files and restore clean versions from backup. As a bonus, you’ll look like a hero doing it.
Jim Flynne is Vice President of Operations at Carbonite, a provider of cloud and hybrid backup solutions for small and midsize businesses. Learn about the benefits of partnering with Carbonite and apply to become a Carbonite Partner today.