Virulent new strains of ransomware continue to spread leaving many IT departments caught with their backups down.
KnowBe4, one of world’s most popular integrated Security Awareness Training and Simulated Phishing platform, cautioned IT managers to stay on top of the latest surge in phishing attacks lest they lead to ransomware infections. New CryptoLocker variants are still on the loose encrypting local drives, mapped drives on file servers and one strain focuses on video gaming files. Ransomware is now even being localized for Asia with the new Crypt010ocker variant which translates its menu screens according to the victim’s IP address. One of the latest versions of the Koler mobile ransomware targets the Canadian market and locks up screens with fake government warnings and demands a ransom to return functionality.
According to KnowBe4 CEO Stu Sjouwerman, “Users can become complacent or can be tricked by social engineering into clicking on a malicious link buried in a spear phishing email or being redirected to a bad site and clicking on something they shouldn’t. IT departments may believe their anti-virus has them covered but the average window of exposure is 17.5 hours before a signature that blocks the phishing attack becomes available. And surprisingly often backups turn out not to work or it takes days to restore a system. Today, an essential additional security layer is to train your users to become part of your human firewall.”
Recent research sponsored by KnowBe4 shows email phishing attacks are now the number one source of data breaches with human error at the bottom of it all. A recent study sponsored by KnowBe4 shows 67% of respondents say malware has successfully penetrated their corporate networks through email with web surfing a close second at 63%. Another 23% say malware has infiltrated their networks but they still don’t know how. The latest Verizon report shows that approximately 23% of recipients click on a phishing email and most of that occurs within the first hour of receipt. Recovering from such a tactic, even if backup works, can take hours or days.
And the cyber criminals won’t discriminate, being so bold as to capture and encrypt the files of many local police departments who are often overworked, understaffed and without a large IT budget. From Maine to Tewksbury, Massachusetts and larger areas like Chicago suburb Midlothian, police departments are being shaken down for ransoms from $300 to $600 or face critical data loss as an alternative.
Sjouwerman added, “Businesses that do not train their staff report annual losses of four times greater than those who do. It is much less expensive to train your staff with an effective program like the Kevin Mitnick Security Awareness Training than suffer the consequences of a data breach and loss of customer confidence. “
- The rule “Patch Early, Patch Often” still applies, but these days, better to “Patch Now” all workstations for both OS fixes and popular third party apps that are part of your standard image rolled out to end-users. A product like Secunia can scan for all unpatched third party apps.
- Make sure your Backup/Restore procedures are in place. Regularly TEST, TEST, TEST if your restore function actually works. The latter is often overlooked.
- End users need to be stepped through effective security awareness training so that they are on their toes with security top of mind when they go through their email or browse the web.