Ransomware Advisory: Protect Your Clients from the Latest Malware Threats

The worldwide ransomware epidemic continues to heat up, grabbing more headlines each week. It’s never been more important to make sure your customers are well educated on how to avoid ransomware, and well equipped to defeat ransomware in the event of an attack.

The U.S. Federal Bureau of Investigation reports that ransomware victims paid more than $200 million to get their data back from cybercriminals during the first quarter of 2016. That’s an 800% increase over the first quarter of 2015.

In the last year, more than 5,000 Carbonite users have reached out to Carbonite Partners or the Carbonite technical support team to get help in overcoming a ransomware infection–and that number doesn’t include all of the victims who may have paid the ransom without seeking help.

What’s it all mean? The war on ransomware isn’t going to end anytime soon, and IT solutions and service providers are on the front line of defense. Here are some practical tips on how to keep your clients’ data protected, and a quick look at some of the latest developments in the fight against ransomware.

Protecting your clients

A great way to protect your small and midsize business clients is to teach them key preventative measures that will help them avoid a ransomware infection. That means steering clear of clickbait and refusing to open email attachments unless they’re absolutely certain that it’s safe to do so.

Keep in mind, however, that cybercriminals are getting more sophisticated all the time, and you need to watch out for more than just poorly written phishing emails. These days, ransomware is often spread through very professional-looking emails and websites that, for example, invite users to download a job application or try out a new piece of software.

You’ll also want to make sure your clients keep their applications updated and secured with firewall and antivirus software. These tools can help prevent some ransomware infections. Just remember that when it comes to ransomware and other forms of malware, there’s no such thing as bulletproof security. Given the rise in the frequency of attacks–and the craftiness of many cybercriminals–it’s only a matter of time before your one or more of your clients is hit with ransomware.

That’s why, in addition to prevention measures, it’s important to focus on threat mitigation. That means helping clients implement a high-quality backup system like Carbonite, which offers point-in-time restore capabilities that let you turn back the clock to a time before the attack happened.

A system like Carbonite ensures that if your clients ever become victims of a ransomware, all you’ll need to do is remove the virus, delete the infected files and restore clean versions from backup. It’s as simple as that.

Think you’ve seen the worst? Think again

Ransomware attacks are proving to be highly profitable for cybercriminals. That’s part of the reason why IT security giant Palo Alto Networks is predicting that the current spate of ransomware activity will get far worse before it gets better.

In a new report, security researchers at Palo Alto Networks called cryptographic ransomware “one of the greatest cyberthreats facing organizations around the world.” The report goes on to predict that the spike in ransomware attacks will continue as cybercriminals target more technology platforms and demand increasingly higher ransoms over time.

Kaspersky dukes it out with CryptXXX authors

Researchers at the prestigious IT security company Kaspersky Lab are in an all-out battle with cybercriminals like the authors of CryptXXX ransomware.

Kaspersky last month released a free decryption tool for CryptXXX that allowed victims to get their data back without paying the substantial $500 ransom. But it was only a matter of days before the CryptXXX authors fired back with a new version of the ransomware that was immune to Kaspersky’s decryption key. But Kaspersky refuses to give up. The company has just released yet another decryption key that–for now, at least–will allow users to get their data back without paying up.

This ongoing game of cat and mouse proves that ransomware authors will persevere in their quest to grab dollars from unprotected victims. They’ll keep trying to find new ways to infect your clients’ computers regardless of what security researchers throw at them.

AlphaLocker takes Ransomware-as-a-Service to a new low

It’s not very difficult to become a cybercriminal these days. You don’t even need to be tech-savvy.  A new Ransomware-as-a-Service (RaaS) called AlphaLocker is making it easier and less expensive for just about anyone to get into the ransomware game.

Like all forms of RaaS, would-be cybercriminals can purchase the AlphaLocker malware kit from its authors and begin holding people’s data for hostage. What makes AlphaLocker different from other forms of ransomware is its relatively low price point–$65 in bitcoins.

“The lower price point allows ‘less-skilled’ ne’er–do–wells to possess and control (and profit from) ransomware, with little to no coding and zero ramp-up time,” Cylance security researcher Jim Walter wrote in an AlphaLocker review.

Jessica Couto is Vice President of U.S. Channel Sales & Marketing at Carbonite, a provider of cloud and hybrid backup and disaster recovery solutions for small-to-midsize businesses. Learn about the benefits of partnering with Carbonite and apply to become a Carbonite Partner today.