A recent Telstra survey of more than 300 Australian businesses revealed that 48% had been attacked with ransomware last year. This represents a huge increase on previous years. And it’s only going to get worse. In addition, of the businesses infected, 50% paid the ransom demand. No, not because the data kidnappers threatened to send little pieces of circuit board back to the owners in the post, but because they’d been caught out. Perhaps they hadn’t backed up their system recently. Or they feared a release of sensitive data. Whatever the reason, being locked out of your own system is a confronting scenario.
So, what exactly is Ransomware?
Simply put, it’s a security principle, encryption, that’s been turned against you. A system vulnerability is exploited and your files are encrypted. You now have to pay to have them decrypted. A message will appear on your screen demanding Bitcoin, sometimes with a countdown clock that threatens the complete loss of data when the time runs out.
The MegaCortex is out to get You
According to Sophos, a new variant of ransomware called MegaCortex is currently infecting business networks across Australia. It’s sophisticated and multi-layered. It uses previous malware infections still resident on networks to take thorough and effective control of a system. In addition, it employs three layers of obfuscation.
Sophos Senior Security Advisor John Shier said, “Once they have your admin credentials, there’s no stopping them. Launching the attack from your own domain controller is a great way for the attackers to inherit all the authority they need to impact everything in an organisation. Organisations need to pay attention to basic security controls and perform security assessments, before the criminals do, to prevent attackers like these from slipping through.”
It’s Time to Get Serious about Ransomware
A serious data security plan to prevent or minimise adverse effects from a ransomware attack is as necessary as locks on your door. Continuous backups, better admin authentication, VPNs for remote workers, specific anti-ransomware software and 24/7 monitoring for infection are some of the steps a data security company can put in place for you.