Ransomware is here to stay

Keep in mind 3 things, so you can get a little sense of how big is the picture really is:

1. There are numerous variants of each type.
2. No one can map all the existing families out there since most attacks go unreported.
3. New ransomware is coming out in volumes at an ever-increasing pace.

Cyber criminals are not just malicious hackers who want public recognition and are driven by their quest for cyber mischief. Today they’re business-oriented guy and seek to cash out on their efforts.  These attacks employ a subtle mix of technology and psychological manipulation, known as social engineering.

By the day, with the new age of digital systems, are met the conditions for a perfect storm, which makes it the easiest and viable source of money for any malicious hacker out there:

The number of infections would drastically shrink if all users were vigilant. But most people aren’t, and they end up clicking infected links and other malicious sources.

Criminals have various types of Internet users to attack, and why they target these types of users! Things happen because:

Home users:

• Because they don’t have data backups;
• Because they have little or no cyber security education;
• Because they’ll click on almost anything;
• Because the same lack of online safety awareness makes them prone to manipulation by cyber attackers;
• Because they lack even baseline cyber protection;
• Because they don’t keep their software up to date;
• Because they fail to invest in need-to-have cyber security solutions;
• Because they often rely on luck to keep them safe online;
• Because most home users still rely exclusively on antivirus to protect them from all threats, which is frequently ineffective in spotting and stopping ransomware;
• Because of the sheer volume of Internet users that can become potential victims (more infected PCs = more money).

Businesses:

• Because that’s where the money is;
• Because attackers know that a successful infection can cause major business disruptions, which will increase their chances of getting paid;
• Because computer systems in companies are often complex and prone to vulnerabilities that can be exploited through technical means;
• Because the human factor is still a huge liability which can also be exploited, but through social engineering tactics;
• Because ransomware can affect not only computers but also servers and cloud-based file-sharing systems, going deep into a business’s core;
• Because cyber criminals know that business would rather not report an infection for fear or legal consequences and brand damage;
• Because small businesses are often unprepared to deal with advanced cyber-attacks and have a relaxed BYOD (bring your own device) policy.

Public institutions:

• Because public institutions, such as government agencies, manage huge databases of personal and confidential information that cyber criminals can sell;
• Because budget cuts and mismanagement frequently impact the cybersecurity departments;
• Because the staff is not trained to spot and avoid cyberattacks;
• Because public institutions often use outdated software and equipment, which means that their computer systems are packed with security holes just begging to be exploited;
• Because a successful infection has a big impact on conducting usual activities, causing huge disruptions;
• Because successfully attacking public institutions feeds the cyber criminals’ egos.

Do you know what are the most common infection methods used by cybercriminals today?

Se the list below:

• Spam email campaigns that contain malicious links or attachments;
• Security exploits in vulnerable software;
• Internet traffic redirects to malicious websites;
• Legitimate websites that have malicious code injected in their web pages;
• Drive-by downloads;
• Malvertising campaigns;
• SMS messages (when targeting mobile devices);
• Botnets (can be used to perform Distributed Denial Of Service Attack, steal data, send spam, and allow the attacker access to the device and its connection);
• Self-propagation (spreading from one infected computer to another).

Conclusion

Each new variant is a bit different from its percursor. Malware creators incorporate new evasion tactics and pack their “product” with piercing exploit kits, pre-coded software vulnerabilities to attack. It’s why is important to make a good security policies and safe data assets protection, they'll made the difference when the attacks occurs!