Ransomware as a Service: What You Need to Know

The rising ransomware threat causes many business executives to sweat when they think of it. Ransomware as a service, or ransomware for hire, is even worse. It’s bad enough that hackers can use it. Selling ransomware, however, means that anyone can become a cyber criminal–and that means that even more businesses are at risk. 

What’s on the Market?

There are several common forms of ransomware now on the market. It’s available to a variety of people who are hoping to make money off of cyber crime–and there are all too many forms available.

WannaCry

In May 2017, Wannacry was the Ransomware on every news headline and was even mentioned during a White House press conference. This worldwide attack, caused by a ransomware cryptoworm started on May 12, 2017 and infected over 230,000 computers in at least 150 countries.

  • Infects computers that failed to install Microsoft’s March 14th security patch for EternalBlue.
  • WannaCry spreads across local networks and the internet to exploit vulnerable networks.
  • Microsoft finds WannaCry serious enough they even released a security patch for their unsupported operating systems such as Windows XP and Windows Server 2003.

Cerber

In early 2017, Cerber became the most common form of ransomware on the market. This dangerous program is currently holding about 87% of the market on cyber crime. What do you need to know about Cerber?

  • It has robust encryption programs that are hard to break.
  • Cerber doesn’t have to be online in order to work effectively–it works offline just fine.
  • Cerber is geographically defined; it won’t attack computers that identify as being from a certain region. Unfortunately, American computers aren’t on its list of targets to avoid.

Stampado

For just $39 and a percentage of profits made from the attacks, cyber criminals have a program that can encrypt an entire system and leave a business struggling to come up with answers. Several key things you should know about Stampado:

  • After just six hours, Stampado begins deleting programs on the system if the ransom isn’t paid
  • Within 72 hours, Stampado will delete the entire system.
  • Stampado is a fairly simple form of malware that’s comparatively easy to decrypt. Its challenge lies in the short timeline, which often causes those who have been attacked to feel pressured to pay the ransom fast.

Satan

Satan is set up as a business system–and actually has a fairly complex system in place to deal with it. What do you need to know about Satan? Well…

  • Satan is set up to make it difficult to track: interested users open an account on the DarkWeb, which then allows them to process payments without going back to their own account.
  • Satan is notoriously difficult to decrypt without the encryption codes; it’s been described as “nearly impossible.”
  • Satan can even access CRM and technical support files, making it an extensive threat to many companies.

Findzip or Filecoder

Think your Mac is safe? Think again! Findzip, also called Filecoder, is designed specifically for Mac devices. If you’re concerned with or have been infected by Findzip, make sure you’re aware of these things:

  • The creators of Findzip can’t offer you a decryption code, even if you pay the ransom.
  • Findzip is considered to be the “unbreakable” encryption.
  • Findzip can be fixed! Following the steps outlined by Malwarebytes–or hiring someone to take care of decrypting your machine or network–can help you restore your files, even if you don’t have a backup in place.

What Can You Do?

Ransomware is, unfortunately, everywhere. No device is safe. From your PC to your Android or Mac devices, there are forms of ransomware out there that can target anyone. Fortunately, there are steps that you can take to protect your company.

Be aware of how ransomware is delivered.

The most common delivery method is email: click on a suspicious link, and suddenly, your computer is infected. Make sure every person who uses one of the machines in your business knows how to avoid picking up viruses this way.

Keep your security updated.

Make sure you’re running the latest versions of your malware protection software. Keep your firewalls in place. Take all the steps necessary to make sure that your business is protected.

Make backups a priority.

Your backups should be stored off-site, or at the very least in a place not connected to your regular network. This will enable you to restore your system if you’re attacked by ransomware.

Don’t pay the ransom.

If at all possible, you should avoid paying the ransom. Seek out quality cyber security support instead. When you pay the ransom, you aren’t guaranteeing that you’ll get the decryption codes–and you are ensuring that criminals will continue to profit, which means that they’ll continue to put out and use ransomware.

Ransomware as a service has made ransomware available to anyone who is willing to turn to cyber crime to make money. Fortunately, you can still protect yourself. Contact us today to learn how we can help make your business more secure and protect you from ransomware and other cyber threats.

Advertisements