Your sensitive data is the foundation of your business, but unfortunately, your data is constantly at risk – from natural disasters to human errors to malicious intent, many businesses have experienced some form of data loss; and the latest form of ransomware strives to steal and encrypt as much data as possible.
Introducing CryptoWall 2.0: a form of ransomware that uses malicious ads on dozens of major websites, including Yahoo, AOL, and Match.com, to infect victim’s networks. While the websites aren’t infected, the ads on the websites are. Essentially, it’s a drive-by-download, where the victim actually becomes infected without clicking on anything.
Proofpoint, a security-as-a-service provider, explained, “the sites themselves weren’t compromised, rather, the advertising networks upon which they relied for dynamic content were inadvertently serving malware.”
So what does this mean for your business? The answer is simple: all of the data you’ve worked hard to create and store is at risk. CryptoWall 2.0 is dangerous and it’s infecting victims’ networks at a rapid rate – more than 830,000 individuals worldwide have experienced an infection!
Once the ransomware enters a network, it encrypts files and places them in a folder of encrypted files. If the victim clicks on any of the files, a message appears, stating something along the lines of:
“Your files have been encrypted. To receive the key to decrypt the files, you must pay 500 USD/EUR. If payment isn’t made before [date], the cost of decrypting files will increase to 1000 USD/EUR”
Typically, the first ransom has a deadline of approximately 4-7 days, however, after the deadline, you’re asked for double the amount. According to Proofpoint, the cybercriminals make an average $25,000 per day! Now of course, the question we’re all wondering, what can be done to stay safe? Here’s 6 important tips:
- Make sure you’ve patched end-points: Windows and all third party apps should always be fully patched, and apps that aren’t necessary should be uninstalled, in order to eliminate unnecessary end-points.
- Enable click-to-play for plug-in based content: Most browsers, including Google Chrome and Mozilla Firefox, allow an option to enable click-to-play for plug-in based content, which prevents automatic execution.
- Create an acceptable use policy for employees: Create and enforce an acceptable use policy to disallow employees from browsing inappropriate or potentially malicious websites.
- Implement a malware detection solution: A malware detection solution, whether it’s targeted threat protection (TTP), targeted attack protection (TAP), or any other name, should be implemented on every workstation.
- Use ad-blockers for all browsers: Always use ad-blockers for all browsers used throughout your organization or implement endpoint security that includes ad-blocking features.
- Backup your data on a regular basis: Of course, this is the most obvious tip – if your data is backed up, there’s no need to worry about an infection because you’re able to simply recover your files and move on.
Aside from these simple tips, make sure you’re conducting regular security awareness training for your employees.
Interested in learning more about CryptoWall 2.0 and how to protect your data? Give us a call at (02) 8212 4722 or send us an email at [email protected]. Sydney Technology Solutions offers IT security services & consulting to help you stay up to date and protected against the latest security threats!