The Frighteningly True Cost of Ransomware Part 1

January 30, 2018
, , Ransomware

ransomewareYou’ve heard the stories. You’ve seen the movies. Someone is abducted and held for ransom. From there the plot thickens and unfolds until, at last, the ransom is paid, the hostage is returned, and the criminals are caught.

However, by now you are beginning to understand that ransom in the 21st Century deals less with holding people hostage and more with blocking access to your computer and holding your data hostage.

Of course, that will never happen to you.

Or will it?

A Dose of Reality

People who think that they will never be attacked by ransomware are living in a fantasy world. Here is what is happening in the real world. Right here. Right now.

According to a report by Malwarebytes:

  • Companies, large and small, are attacked by ransomware every 50 seconds.
  • Individuals are attacked every 10 seconds.
  • Total ransomware damage is expected to exceed $5 billion dollars this year.
    • That’s $5,000,000,000.
  • 60% of all malicious cyberattacks in 2017 were ransomware.
    •  Advertising fraud comprise another 20%.
    • Download, backdoor, botnets, and all other forms of attack combined made up the additional 20%
  •  Ransomware variations have increased by 430% in the first quarter of 2017 compared to the same period in the previous year.
    • One readily-available ransom software package releases new updates approximately every 8.4 days!
  •  71% of companies targeted by ransomware have been infected.
  • 72% of all businesses lost access to their data for 2 days or longer.
    • 96% lost an entire day’s worth of data
    • 61% lost 3 or more days’ worth
    • 32% lost 5 or more days’ worth
  • 66% of all ransomware attacks now use network file-sharing protocols to infect computers.
    • These attacks do not require you or an employee to make an error in judgment.
    • They simply attack weak passwords or other security points.
  • 75% of corporate ransom attacks infect three or more employee workstations.
    • 50% of corporate ransomware attacks infect at least 20 employee workstations.
  • The most favored variant of ransomware spreads like an infection. Once it is in your system, it spreads from device to device.

A Warning of Things to Come

There is no apparent decline in ransomware attempts. There is no reason to expect that there will be. Consider these two facts which we will embellish in a following article:

1. Ransomware has become a lucrative cybercriminal business, garnering multiple millions of ill-gotten dollars. By “business” we mean central figures operating with affiliates who split the take.
2. Ransomware has attracted amateur wannabes. These people are more likely to get caught, but that does not lessen the degree to which they can inflict damage.

Tech Sentries works diligently to keep you aware of potential dangers and how to take a few, common-sense steps to Guard Your Technology and to ensure the safety of your data and devices.

Keep up to date with us as this series continues to unfold and to reveal the realities of ransomware – and what it could cost you and your business.

We are as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “Guard Your Technology” (843-282-2222).

the state of ransomware

Why Small Businesses Should Be Very Concerned About Ransomware Attacks

September 11, 2017
Malware, Ransomware

the state of ransomwareIf you are thinking, “Oh, no. Not another article about ransomware,” you need to read the rest of this report.

CNN broadcasted a segment on July 27, 2017, informing viewers why small businesses in particular should be very concerned about potential ransomware attacks. The broadcast stemmed from the release of the “Second Annual State of Ransomware” study conducted by Osterman Research.

The Damage Is Often Worse Than the Ransom

In an earlier newsletter we shared the pervasiveness of ransomware. No one is immune from ransomware attacks.

The common mindset of small business owners is that ransomware protection is a priority for major enterprises as opposed to SMBs.

As it turns out, small businesses are at great risk and, proportionately, have much more to lose, according to the Osterman data. The greatest potential for SMB loss is not the ransom itself, but the damage resulting from the intrusion.

  • 16% of SMBs experienced operating downtime of 25 hours or more. Some were hobbled by more than 100 hours of downtime.
    • 93% of those (15% overall) suffered a loss of revenue due to the downtime.
  • 22% of SMB victims of ransomware attacks were unable to recover and subsequently had to close their doors.

Small Businesses Lack Adequate Reserves

“Cash reserves” is a standard business term that is seldom heard in the SMB realm. Small businesses typically operate on a small amount of capital. It is rare when small businesses include cash reserves in their budgets. The cash reserves set aside by their larger “cousins” do not make them less vulnerable to ransomware attacks, but they do help to mitigate the consequences of the aftermath of an attack.

Small Businesses Lack Adequate Resources

According to the report,

  • 27% of SMBs could not identify how their systems were accessed.
  • 33% reported the malware infection had spread to multiple network devices before being detected.
  • 64% of attacks in the U.S. were perpetrated by infected email attachments or links.

Small businesses seldom have the IT infrastructure of corporate discipline to ensure that their systems are adequately protected and that their employees are complying with company rules regarding internet security. For a variety of legitimate reasons, many SMBs do not have a disciplined way of keeping their digital security up to date.

Guarding your technology takes an awareness of potential dangers and a few, common-sense steps to ensure the safety of your data and devices, not the least of which is having regularly-scheduled system and software audits by digital security professionals.

Tech Sentries is as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

What in the World Are Hackers Thinking?

September 6, 2017
Ransomware, Security

hackersWe already know what we think when our digital technology has been compromised by some &^%#$* hacker and her (yes, her!) virus, malware, ransomware, or phishing expedition. We get frustrated and downright angry. Have you ever wondered, what the hacker was thinking or what motivated her? We thought it might help to understand.

A recent report published by Government CIO indicated that,

“Most cyber criminals are motivated by the commission of a crime. It is a psychological issue that defines them as people with some super traits that cause antisocial behavior. Possibly, these people suffer from one or more forms of psychological disorders that seek to gain recognition or personal gain from illegal activities.

Other personality traits exhibited by the cyber criminals include “self-centeredness, grandiosity, callousness, and lack of remorse or empathy for others coupled with a charismatic, charming, and manipulative superficiality.”

Does that give you a warm, fuzzy feeling? We didn’t think so. Perhaps this will help. In late 2016 Digital Endpoint described eight common types of hackers along with some insights into what motives them.

TYPE PERSONA MOTIVATION
White Hat Good guys Companies employ them to test software, websites, and systems from criminal hackers.
Black Hat Guns for hire They get paid for stealing information by the people who want that information. They don’t care about the information per se.
Grey Hat Wolves in sheep’s clothing They test systems, but without permission. When they find a weakness, they try to sell their findings to their victims for a price.
Script Kiddies Trainees They use packaged software to disrupt systems and establish a reputation in the hacking community.
Hactivists Protesters They are employed by governments to gain information and/or attack foreign entities.
State Sponsored Warriors They hack to harass, expose, and exact revenge on entities to which they are opposed.
Corporate Spies Corporate Spies Corporate spies have existed for years. The internet and digital technology are just new tools.
Cyber Terrorists Terrorists They want to “spread fear and create chaos … by causing unrest.”

Did we mention that some hackers are women? Watch this video. It will give you even more insight in what in the world hackers are thinking.

Guarding your technology takes an awareness of potential dangers and a few, common-sense steps to ensure the safety of your data and devices, not the least of which is having regularly-scheduled system and software audits by digital security professionals.

Tech Sentries is as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

Ransomware Satana

The Latest Ransomware from Hell: Satana

July 15, 2016
, , Ransomware

It sure seems that ransomware is rampant! As soon as we get control of one virus, the cyber criminals are at it again, creating an even more vicious strain of ransomware, spyware, malware and any other “ware” that will bring harm to your computer. The fight must go on and we will work hard to keep you informed of the latest dangers to your system and help you to stay safe.

One of the most recent discoveries of ransomware is a malware that has been nicknamed “Satana.” This could point to Russian roots. The two things this Trojan will do is corrupt and encrypt the Windows Master Boot Record, which means that the booting process on Windows is otherwise corrupted, your computer will be unable to determine which partition actually stores theRansomware Satana blocked.

Here’s a little education for those who might need it. The master boot record, or “MBR” is part of your hard drive. It stores information on the system’s files that various disk partitions use, along with the main partition that stores your operating system. If this becomes corrupted or encrypted, your computer loses critical information. Once your computer is unable to find this information, it cannot boot up.

The criminals behind “Satana” have taken this one step farther and not only locked these encrypted files into place, but also caused the booting system to be completely locked. The code in the MBR is then replaced with the code of a ransom note and the nightmare starts.

Satana Ransomware

There is some good news here. The MBR can be repaired with the right skills. It can take some serious understanding of how to navigate inside the command prompt and the OS restore feature. The average computer user will not feel at ease doing this and therefore will often get themselves in even deeper trouble. Basically, even if you could get Windows unlocked and get your OS turned back on, the encrypted files have yet to be recovered and while a cure is underway, none has been successful yet.

Satana has not become very widespread or sophisticated yet, so now is the time to get a grip on how to protect yourself! You must keep a close watch on these viruses and threats—that is your first and best defense. Follow our simple advice below to stay as safe as possible:

1. Regularly perform backups on your data! We can’t stress this enough.

It’s the only insurance policy you have against a ransomware attack. If you’re properly backed up, retrieving your files is not generally a big deal once the operating system has been reinstalled.

2. NEVER open emails with attachments you aren’t sure about.

Even if the link or attachment seems to have come from someone you trust, don’t open or click on anything you aren’t sure of. It’s the number one entry point of a virus into your system. The same goes for opening suspicious emails.

3. Get reliable anti-virus protection.

Tech Sentries will provide you with all the information and services you need to stay safe!

4. Follow Tech Sentries Guardian newsletter!

This is the best way to stay informed and aware. We find the malware and ransomware threats and pass them on to you BEFORE you become a victim.

Call Tech Sentries today (843-282-2222)! Stay safe while we do all the work behind the scenes.

Ransomware Virus Zepto

ALERT: Over 130,000 E-Mails Sent By New Ransomware Virus Zepto

July 8, 2016
, Ransomware

Ransomware known as Locky hasn’t been very active in the last several weeks but now has resurfaced in a big way, and it’s extremely concerning. While Locky isn’t new, it appeared to have gone dormant awhile back. However, the creators of this vicious ransomware are just as evil now as they were then. There is now a brand new strain of this virus known as Zepto.

Unfortunately, it has struck its first victim. More than 130,000 emails were sent to users, tailor made for each email recipient. They were sent to look as though they came from executives in their respective companies. These emails were made to look official and came with instructions for the recipient to open and review various documents. As soon as that link is clicked on, the Ransomware Virus Zeptovirus gets in and the crisis starts.

It has been reported by International Business Times that Zepto is closely related to Locky based on three criteria:
• Both Locky and Zepto use RSA tools of encryption
• The same files are used to infect computers
• The ransom messages sent out to recipients is very similar

Here’s what you can do to protect yourself now!

• Perform a security update immediately! Updates are issued as soon as security companies discover any holes. This can only happen if you perform regular updates, so it’s crucial that you stay up to date on your security software.
• Don’t use security programs that use blacklisting technology only. If you employ security programs that also implement whitelisting technology, you will ensure your online safety. The threat of malware is constant and you need the right technology to combat it. This means whitelisting AND blacklisting.
• Make sure you have an up-to-date operating system. Seems rather benign, but it’s super important when it comes to cyber security! Keep in mind that performing updates will allow your system to repair itself automatically when problems are detected. If you don’t run updates, your system will not fix the issues. Your computer will scan for potential problems as you perform system updates.

The best way to stay safe is to stay connected with Tech Sentries. We have many options to make sure your system is backed up automatically, as well as protected against viruses of all kinds. Let us do the work for you so you don’t find yourself in a security nightmare. Tech Sentries is the best option available to both home and business users.

Call us today 843-282-2222 and stay informed!

common computer virus

Stay Safe from Two of the Newest Ransomware Viruses

July 5, 2016
Ransomware

Ransomware is a beast for sure. It has a sneaky way of flying under the radar and is always changing so it’s hard to detect it. To help you stay safe, we’re letting you know of two new ransomware viruses that have recently come to our attention and could seriously impact your computers.
You might know or heard about CryptoXXX, Cerber and even Petya, but how about MIRCOP or Bart? The last two are new ransomware viruses desperately trying to get into your computer and cause you all kinds of virus problems.

MIRCOP is particularly nasty. They are turning the tables by making themselves look like the victim with YOU as thecommon computer viruses perpetrator! Hard to believe? Well, it gets worse. They send notices to you claiming that you have stolen bitcoins from them and that the only way they will leave you alone is if you pay them $33,000 USD to solve the matter. They claim to know a lot of your personal information and this, of course, lures people in simply by using the fear tactic. HOWEVER—this particular virus company has yet to actually collect any of this money, as most people aren’t going to give them the time of day once they see that amount! If you see anything at all with the name MIRCOP, close it, do NOT open any attachments, and just be aware of your activity.

BART is another ransomware virus out right now. While your files are not encrypted, what it does do is steal your files and put them in a password-protected zip file, making them inaccessible to you. The file name will change to something with Bart in it, and once this has happened to all your files, you have no recourse. They will send you a ransom demanding of at least $1800 and at that point, the damage has already been done.

So what do you need to know?

First, both of these new ransomware viruses get spread through the use of email, so NEVER open anything that has either of these names in it. It’s especially important not to click on any links.
Second, call Tech Sentries TODAY and let us protect your computer and all the files you have without ever having to even think about it! We provide Proactive Whitelist Virus Protection and can provide encrypted backup so you don’t have to. Tech Sentries will give you the peace of mind you deserve when it comes to your computer safety, so call us today and find out how easy it really is!

1 2