We’ve seen the explosion of ransomware over the past year
and it’s showing no signs of stopping anytime soon. Cyber extortionists are not
only flocking to this method, they’re evolving it to fit their malicious needs.
This is the reason we’ve seen multiple iterations of TeslaCrypt being produced,
with each copy being independently developed by another group, to fit the needs
of the particular developers or their clients.
You can find everything you need regarding TeslaCrypt in this well
written blog post: http://soft2secure.com/knowledgebase/teslacrypt-3-0
With TeslaCrypt being used as a standard in many ways, it’s interesting
to see how malicious developers have countered each version of TeslaCrypt to
advance their malware with new “features”. These new features allow for the
malware to: evade anti-virus, ransom files with better encryption, include
additional file types, etc. As the opportunity exists for attackers to make
money from this threat we’ll continue to see ransomware infect our networks. I
personally don’t think this will be the end of their features and I’m concerned
that we’ll start seeing other “data” or “access” ransomed in the near
future. Once the bad guys see a
successful way to make money they evolve it, just like they do their tools, to
fit their needs. We’re only seeing the tip of the iceberg with TeslaCrypt and
other just like it.
With this being said, the best way not to fall victim to
this attack is backing up your files on a regular basis. If you have a recent
backup of your data there’s no need to pay someone to get it back. Please,
consider backing up your files. A service like SpiderOak is great for this type
of “unmapped” backup, where new data is copied up to the cloud for backup right
away. If you read the above article
you’ll know that mapped drives are part of what TeslaCrypt and other ransomware
variants crawl into right away.
Ransomware is showing no signs of slowing, but if we back up
our data, patch our systems and use some common sense with clicking links, we
can limit it to an extent. As soon as it’s no longer viable for criminals to
make money off this scheme, they’ll move on. It’s up to us to dissuade them.
"Ransomware is showing no signs of slowing" - Agree. And, unfortunately, ransomware data recovery is still not available for most ransomware.
ReplyDelete