News

Is Your IT Security Being Held To Ransom?

Tue, 08/30/2016 - 09:11
Data Backup

Ransomware is coming into the spotlight. It’s a type of malware that hasn’t been greatly publicised in the past but is becoming more popular by cyber-attackers. Basically, it holds your data to ransom by installing itself and encrypting your files, then threatens to delete said data should payment not be made in time. It’s a threat to IT security that should no longer be overlooked.

 

So what’s the buzz?

 
global survey by Trustwave in 2014 showed that already 2% of industrial IT security breaches are made by ransomware. A quick search on Google News will show that there is definitely a buzz about it on the information highways. For instance, ZDNet reported a new threat by the name of CTB-Locker during the release of Windows 10. The specific threat was particularly crafty in that it used the latest release of Windows 10 by pretending to be an upgrade file. Once a user “installs” it, files were encrypted on the machine and the user was locked out. The ransom note then appeared with further instructions on making payment.
 
Other types of ransomware don’t use encryption to lock the user out. Instead, attackers get creative in accusing the user of a legal transgression with steps on how the transgression might be “forgiven”. Such steps might involve paying some kind of fine before the slate will be wiped clean and the user’s system be made accessible.
 
There are examples of ransomware repeatedly displaying random images on the screen thereby blocking the normal use of the computer. The only solution offered by the attacker is to pay a fee to have the images removed.
 

What to do, what to do?

 
All this can be very distressing for the victim, especially when a solution isn’t very obvious. Traditionally, people are told to ensure that their anti-virus software is up to date. IT departments would typically use a failover environment in order to gain access to the system again after the ransomware lockout. Both these practices are good and well but they could prove ineffective:

  • IT security protected by anti-virus software alone will still be vulnerable to ransomware since this type of malware isn’t identified as a virus. Even a leading anti-virus software provider, Avast, released a specialised tool specifically for the “Simplocker” infection for Android devices.
  • Failover environments are essentially standby copies replicated from their active counterparts. If such an environment is kept in sync in a real time, malware will most likely end up being replicated to the failover environment as well.

According to the experts at Redstor, the most effective way around this is by being able to restore your system to an earlier state – before the infection took place. This requires that stringent IT security measures be put in place which includes regular and reliable data backups that are also instantly accessible. Remember: the more regular the backups, the less business time gets lost; and the more accessible the backups, the sooner the systems are available.

Recent Articles

Redstor_Alternative_accountancy_strategic_blog Redstor

Redstor Accounting For Financial Data Backups at The Alternative Accountancy Strategic IT Conference 2018

Continuing from a series of events in the first two months of the year, Redstor will be in attendance of this years, Alternative Accountancy... read more

February 20, 2018
Redstor_CryptoJacking_blog Data Protection

Crypto-jacker Leaves ICO In Its Wake

Cyber-attacks and ‘hacks’ made regular headlines throughout 2017, and in the UK the Information Commissioner’s Office (ICO), was there to oversee all... read more

February 15, 2018
Redstor_100Days_to_GDPR Data Protection

100 Days To Go…

Wednesday 14th February 2018, valentine’s day, but more significantly it’s 100 days until G-day. May 25th, 2018, the day on which The General Data... read more

February 14, 2018