New ransomware and new variants of a previous ransomware are being observed by cyber security experts. The ransomware business is huge; a study released in June, 2017 said more that $25 million has been paid in ransom in the last two years. The study was conducted by researchers at Google, Chainalysis, UC San Diego, and the NYU Tandon School of Engineering.
A new type of ransomware called Defray was recently identified by Proofpoint, a cyber security company. It is spread by targeted emails to select industries, including healthcare, technology, education, and manufacturing. The ransomware is launched once the recipient opens the Word document attachment, which is designed to appeal to the target recipient. Ransoms have been reported to be $5,000, but the criminal provides an email address for questions, or opportunity to negotiate a lower ransom.
Researchers have seen a recent resurgence in the ransomware Locky. Cyber security experts say Locky ransomware first appeared in 2016. It has been distributed in various ways, including Word and Excel document attachments which contacts the malicious coding. If an unsuspecting recipient of the email opens the attachment, the ransomware is launched.
The email subject of one of the current new variants is “Payment” and the body content has a simple message such as “Here is a copy of your payment receipt”. Another variant has body content such as “Files attached. Thanks”.
What you can do
Businesses should continue to remind employees of the devastating impact of them carelessly opening an email from someone they do not know. Opening attachments can quickly infect a network system if the attachment includes malware.
Systems need to be regularly backed up. Perform a periodic audit to ensure your IT staff is properly backing up your systems on the designated schedule.
If you are a victim of ransomware (whether you pay or not), report it to your local FBI office or file a complaint online with the Internet Crime Complaint Center, at www.IC3.gov.
About the Author - Carolyn Schrader is a seasoned cybersecurity professional and founder of the Cyber Security Group Inc., providing corporate cybersecurity services to high profile clients.
Share on Facebook
Share on Twitter
I'm busy working on my blog posts. Watch this space!