You likely know about ransomware but do you know about ransomworms?
Ransomware is one of the most common ways that hackers are using these days to infiltrate companies and make a profit. It has been very profitable for them but now security experts see the next phase of hackers uses a different method: ransomworms. It is still a way for hackers to hold data hostage but it also differs in some ways.
What is a Ransomworm?
Worms are not new to the cyber security radar. In fact, common network worms that have been around for years include Conficker, CodeRed, and SQL Slammer. However, some security experts are saying that in 2017, we can expect to see these worms combined with the ransomware attacks that we see so often today. This combination will create the first generation of ransomworms. It is anticipated that they will be encrypted worms that will hold data and files from their target. They will then move across the network allowing them to get multiple targets in a single attack.
The Ransomware Evolution
Not only do security experts believe that ransomworms will become a part of cyber-attacks, but they also think it will continue to evolve. One evolution they are predicting is that it will be able to steal data and files first before encrypting it. This will allow them to hold the same data hostage from the target more than one time. This has already happened in some attacks where the victim was able to restore the data from a backup that was encrypted only to determine a few weeks later that it had been stolen.
The Cloud Maybe a Target
Many companies rely on their cloud to be relatively safe, but studies have found that these same companies are not establishing a valid backup for the data stored there. This makes the cloud a large target and it is expected that 2017 will be the year that attacks are focused here. This is because hackers see this as a higher possibility of getting the ransom paid since they cannot get their own data from their backup systems. This is a huge security risk, but it can also result in more infrastructure upgrade for the cloud providers. This cost will likely be passed on to the companies that pay for the services in the coming year.
How to Protect Your Company
Every day in 2016, there were more than 4,000 ransomware attacks. In 2017, this number is expected to increase along with the ransomworm attacks that will begin to grow. Even if you have not yet been a victim of these types of attacks, it doesn’t mean you won’t be, and you need to be able to protect yourself. There are many ways you can do this and it is best to have multiple layers of protection. Some things to consider include:
- Installing and updating anti-virus and anti-malware software
- Monitoring your network and all traffic
- Training your employees as well as testing them on their security knowledge
- Developing and implementing policies for the use of computers, tablets, data, cell phone, and cloud applications for the business
- Implementing, managing and monitoring your security policies and settings
- Scheduling regular backup of data
- Testing for disaster recovery