Tuesday, April 12, 2016

TeslaCrypt Still on the Rise

We’ve seen the explosion of ransomware over the past year and it’s showing no signs of stopping anytime soon. Cyber extortionists are not only flocking to this method, they’re evolving it to fit their malicious needs. This is the reason we’ve seen multiple iterations of TeslaCrypt being produced, with each copy being independently developed by another group, to fit the needs of the particular developers or their clients.  You can find everything you need regarding TeslaCrypt in this well written blog post:

With TeslaCrypt being used as a standard in many ways, it’s interesting to see how malicious developers have countered each version of TeslaCrypt to advance their malware with new “features”. These new features allow for the malware to: evade anti-virus, ransom files with better encryption, include additional file types, etc. As the opportunity exists for attackers to make money from this threat we’ll continue to see ransomware infect our networks. I personally don’t think this will be the end of their features and I’m concerned that we’ll start seeing other “data” or “access” ransomed in the near future.  Once the bad guys see a successful way to make money they evolve it, just like they do their tools, to fit their needs. We’re only seeing the tip of the iceberg with TeslaCrypt and other just like it. 

With this being said, the best way not to fall victim to this attack is backing up your files on a regular basis. If you have a recent backup of your data there’s no need to pay someone to get it back. Please, consider backing up your files. A service like SpiderOak is great for this type of “unmapped” backup, where new data is copied up to the cloud for backup right away. If you read the above article you’ll know that mapped drives are part of what TeslaCrypt and other ransomware variants crawl into right away. 

Ransomware is showing no signs of slowing, but if we back up our data, patch our systems and use some common sense with clicking links, we can limit it to an extent. As soon as it’s no longer viable for criminals to make money off this scheme, they’ll move on. It’s up to us to dissuade them.

1 comment:

  1. "Ransomware is showing no signs of slowing" - Agree. And, unfortunately, ransomware data recovery is still not available for most ransomware.