2017: The Year of Ransomware


Last year was a lousy one for the security of private and sensitive data. We saw mega-hacks, an expansion in ransomware attacks, and a single breach that left 50% of all Americans defenseless against fraud and stolen identities. According to Gemalto's Data Breach Index, more information was lost or stolen in the first half of 2017 (1.9 billion records) than in all of 2016 (1.37 billion), and that was before the biggest breaches of the year.

Looking back, we saw a huge increase in ransomware in 2017 (largely on account of two massive global attacks). According to new research from anti-virus software firm Bitdefender, ransomware payments hit $2 billion in 2017, twice as much as in 2016. Ransomware attacks are expected to keep growing in frequency and aggressiveness as they become more sophisticated and harder to stop. The US was the biggest and easiest target. The 2017 Internet Security Threat Report found that 64% of Americans are willing to pay a ransom, compared with 34% globally. Furthermore, the average ransom spiked 266%, with criminals demanding an average of $1,077 per victim.

Ransomware at a Glance

Ransomware is a type of malware that essentially takes systems hostage, either by locking the user out entirely or by locking documents so they can't be accessed. The most common tactic is to encrypt documents and force users to pay a ransom to get the decryption key. Ransomware is usually delivered through a link. Once the user clicks the link, the malware takes control and can spread to the rest of the corporate network. The user is shown a message explaining that their files have been taken hostage, along with directions on how to send payment. Other, more aggressive types of ransomware don't depend on conventional phishing, but instead exploit security holes to infect systems. NotPetya and WannaCry were two such attacks this year.

Let’s take a look at some of the noteworthy ransomware attacks of 2017:

Spoiler Alert

A breach of HBO in June led to the theft of 1.5 terabytes of data, including full episodes of unreleased shows. The hacker demanded payment of millions of dollars to stop the release of show episodes. HBO stood firm and didn't give in, but endured a rough couple of months as the hacker gradually released the stolen materials, including a script for unaired episodes of Game of Thrones. The hacker was finally captured by the FBI in November. In this case, the hacker targeted clients who could remotely access HBO's computer systems.

The Great KQED Ransomware Attack

One of the biggest public media organizations in the US endured a two-month nightmare over the summer of 2017. KQED, the NPR station serving the San Francisco region, was hit with a disruptive ransomware attack that caused widespread blue screens of death, loss of phone access, and no internet! This rendered the station useless and forced employees to find some innovative workarounds to keep tasks going. The hackers demanded 1.7 bitcoins per computer (roughly $2,500). However, the hackers generously offered a one-time special deal of $27,000 for all PCs. There is no firm evidence of how the ransomware was introduced, but KQED was very open about its security holes, including granting administrator rights to local users. KQED considered paying the ransom, but was talked out of it by the FBI, which urged the station not to pay, fearing that it would become an easy target for future attacks. The station was eventually able to fend off the attack, and it learned a very valuable lesson about security vulnerabilities.

Ransomware Defense

So what is the best way to protect your users and systems from ransomware attacks? Here are a few tips.

• Above all, keep software up to date and apply patches for vulnerabilities. As we saw with WannaCry and NotPetya, exploiting software vulnerabilities is the newest, most aggressive avenue for malware delivery.

• Use multi-factor authentication, at least for remote access (which would have prevented the HBO attack).

• Keep control of user rights and don't allow unchecked software installation (learn from KQED's mistake).

• Ensure systems are running antivirus software that will detect malicious programs.

• Schedule automatic system backups, so that if you are faced with a malware attack you can at least restore some of the documents and ease some of the fallout.

• Communicate with employees and train them to recognize suspicious email.