Ransomware: The King of Ransom

The concept of taking sensitive data hostage is quite old. The original ransomware – dubbed the AIDS trojan – cropped up in 1989, as its creator distributed a floppy disk at the World AIDS convention. Claiming to include information on the titular virus, the disk instead contained a payload that would first count the number of boot cycles, then – upon the number hitting 90 – proceeded to encrypt system files with a simple encryption method. To have their files decrypted, victims were told to send to an address in Panama. Thankfully, the encryption was fairly simple, and decryption programs were soon commercially available. 

Ransomware attacks did not hit their stride until well into the 2000s. This was partially due to a lack of suitably anonymous payment. By the time Bitcoin hit the scene in 2010, encryption technology had advanced to an almost irreversible state. Military-grade encryption is now easily available for the aspiring criminal, and the rapid adoption of cryptocurrency perfectly set the stage for major ransom attacks. 

Individuals and businesses the world over were totally unprepared for the explosion of CryptoLocker in 2013. This brand-new breed of ransomware made use of cryptography key pairs, generated from a command-and-control server, making sure victims had no way out unless they sent the ransom of $300. 

The Rise of Encryption-Free Ransom

Ransomware’s sheer profitability predicted its meteoric rise in popularity. A key component to the ransom process is removing the target’s control over their data via encryption. Increasingly, however, cybercriminals have achieved this through remote data theft. Part of the success of this technique relies upon the spiraling cost of data breaches: the average cost of which has already increased by 2.6% this year, from $4.24 million in 2021 to $4.35 million now.

The number of ransom attacks that are veering away from encryption shows that cybercriminals are rapidly exploring an easier, less demanding form of ransom. By exfiltrating unencrypted data, and threatening to leak it publicly, the legibility of the data means a company must make the choice between paying the ransom and letting their customers’ data be publicly leaked and sold to other criminals.

Karakurt is a new extortion gang that relies purely on these unencrypted ransoms. With victims’ losses as high as $13 million, the group attacks indiscriminately. Karakurt attackers will steal sensitive data including security numbers, email addresses, company blueprints, and more. Once they’ve stolen this data, they reach out to victims’ employees, business partners and clients, demanding the ransom to be paid. The threat of a data breach hanging heavy, many organizations cave to the incessant harassment and pressure to pay up.

Ransom Distributed Denial of Service (RDDoS) attacks heighten the stakes even further: the business is not offered a choice between paying the ransom or suffering a data breach. Instead, the business must pay extortionate fees to simply remain online. RDDoS groups extort victims via large scale DDoS attacks that are even easier to pull off than data exfiltration attacks. Requiring absolutely no access to company systems, and with operational botnets plentiful on underground marketplaces, it is now easier than ever to commit high-profit extortion attacks on unsuspecting victims. Consider the fact that DDoS attacks cost US businesses an average of $218,000 per attack: any ransom priced below this presents a genuinely tempting option. 

Attackers may launch DDoS attacks first, then send a ransom note later – lazy criminals may opt for a note first. It is never wise to assume the latter is telling the truth, as opportunistic scammers are more than happy to profit off the technical capabilities of real cybercriminals. 

The RDDoS Hit List Grows

RDDoS attacks hit the scene in 2020, and rapidly made waves. The New Zealand stock exchange battled multiple instances as their network service provider was struck from overseas. This greatly impacted NZX connectivity, causing a complete halt in the cash trading markets by mid-afternoon. 

A second attack proceeded to bring down the NZX’s website, their announcement platform, the NZX debt and Fonterra shareholders’ markets. For this time, many organizations and individuals were unable to participate in the market. Connection was restored four hours later, once the attack had ended and connection was finally re-established.

An active DDoS attack can be incredibly alarming to both customers and organizations alike. Whilst it’s unclear whether the NZX decided to pay up for the ransom or mitigate the attackers’ attempts, a growing number of cybercrime gangs are simply opting for the easy way out. This perfectly describes the so-called Armada Collective. This group follows a very recognizable set of steps.

First, they find a company – any will do, though the bigger and more public-focused, the better. They then reach out to any email address available, with a highly alarming message.

Introducing themselves as the Armada Collective, the email explains how the victim’s network will be DDoS-ed, starting at a specified date in the very near future – unless the company pays a fee of 10 Bitcoin. 

The gang then proceed to detail how – if the 10 BTC is not paid by the set date – a DDoS campaign will begin, and the fee to make it stop will rise to 20 BTC, then continue to rise by another 10 BTC for every day that the attack continues. 

The gang signs off by telling their victims not to respond: simply that they will know when they have been paid. The email details the Bitcoin wallet address, and reassures the reader that the payment is totally anonymous. This is correct – and also shows the holes in the attackers’ gameplan. As the payment is anonymous, it is, in fact, impossible to tell who has paid the extortion fee. This is supported by the fact that Armada Collective has actually never followed through with their DDoS threats – regardless of whether the fee is paid or not.  Despite the group’s lack of true damage, an analysis of their listed Bitcoin wallet address revealed a shocking number of victims. Many victims have paid the ransom fee out of fear.

How to Protect Yourself From RDDoS

DDoS threats are originating from increasing numbers of cyber gangs. Fancy Bear, Cozy Bear and Lazarus Group are all organizations of concern, and the only way to nullify their power over your organization is a solid form of DDoS mitigation. 

DDoS mitigation defends against volume attacks on your servers and networks. Automatically detecting traffic from malicious IP addresses, the fraudulent connections are diverted away from your server before the site request has initiated. This way, your server is not crushed under the weight of a million-strong botnet, and legitimate customers are still allowed access to your page. Pull the rug from under profit-seeking criminal gangs, and keep your brand online with a comprehensive DDoS defense.

Also Read: PCB Benefits To Integrating Into Your Manufacturing Business

The post ID11 Cyber Threat Actors Branch Out to New Forms of Extortion appeared first on Trends Tech Blog.

While the internet is full of benefits, it also has some downsides. One of them is security since more and more hackers are willing to attack you to access your information. No one is exempt from this risk, no matter if you are a man, woman, child, or businessman, you are vulnerable to hacks.

Cybersecurity For Children

Today more and more children are accessing the internet, either for entertainment or for fun. Unfortunately, this sector is the most vulnerable, since deceiving them often turns out to be something easy, due to their innocence and overconfidence.

Protecting them is very important, although we know that you cannot be behind them all the time. That is why here we will tell you 7 methods that will help you know how to keep your children safe when they surf the internet from the computer or mobile, tablet, console, etc.

Create Awareness In Your Little Ones

The first thing you should do is talk to your little ones and tell them about the risks they face online. The idea is to awaken in them the awareness that the internet is not only games and music, it also has risks. This will make the responsibility much greater on the part of your children, giving them the necessary tools to make the best decisions. Also, this point is very important, as it will help you make the following points much easier to understand.

Protect The Identity Of The User

One of the highest risks on the Internet is that your children, accidentally or on purpose, show personal data such as your home address or personal phone. This is because many platforms such as social networks not only require this information to open an account, they also give you options such as sharing your location.

In addition to talking with your children about how to protect their identity and the importance of not revealing personal data. You can also use more technological tools to protect your data, or even use an alternative name, as well as fictitious data.

Keep Your Computer Protected

To prevent cybercriminals from sneaking into your computer, you must keep your operating system updated. We do not dispense with patches and security updates, since these are responsible for making the computer’s defenses more robust to new types of viruses and malware.

Similarly, having an antivirus that is powerful and that is also at the forefront in protecting computers is important. Before buying one, check the antivirus comparison to find the best antivirus for your computer, this will make breaking it much more difficult.

Hard-To-Hack Passwords

Another fairly common mistake among children is to use very easy-to-guess passwords such as 12345. It is also very common to see that a password is used for everything, from unlocking the computer to accessing email or Facebook, for example.

According to experts, this is a great risk, as it makes it easier for hackers to guess your password. Ideally, create passwords with letters, numbers, and symbols that are difficult to guess. In addition, it is recommended to use one password per account, that is, one for Facebook, another for email, etc.

Monitor Your Children’s Activity

To know if your children are following the security measures, it is necessary to be aware of their internet habits. That is why monitoring the way they browse the web turns out to be extremely important. There are many ways to do this, one of the simplest is to enter the search history and review it manually. There are also applications such as parental control programs that take care of all this. Dedicate at least one day a week to be aware of how your little ones use the internet.

Beware Of Cyberbullying

Bullying nowadays is not only done at school, it can also be done outside of it through the internet, this is known as Cyberbullying. The risk of cyberbullying is that it can lead your children to other problems such as depression and even suicide. The best way to prevent future cyberbullying problems is to talk to your kids so they know if everything is okay. Monitoring your internet activity is also a good way to prevent the risk of cyberbullying.

Promote Values

Finally, we recommend that you promote different values ​​among your children so that you can understand the potential of the internet and also the risks. The ideal is to promote concepts such as responsibility, trust, security, protection, and also honesty. This with actions that help to better understand the concepts.

There are games, for example, where you can promote values ​​such as friendship or communication. You can also promote concepts like trust by helping them distinguish which sites are trustworthy and which are not. Thus, children will better understand how the internet works and preventing cyber threats.

Technology Is Your Best Ally

You should know that technology can be your best ally since there are a large number of programs that can reduce the risk of hackers and threats. For example, programs like VPN, antivirus, among others are good tools that will help you keep children safe.

Another option that you can take advantage of our parental control systems, which are responsible for protecting your children when browsing. Considering these programs can be a good idea when awareness is not working. You can even add up all these tips to ensure 360 ​​° protection.

Also Read: What Is EDM Software And Why Is It Essential For Your Business

The post Cybersecurity How To Keep Your Children Protected On The Internet? appeared first on Trends Tech Blog.

So much so that, recently, the press reported a cyber attack on a cannabis club. It would be a bit of a laugh if it weren’t for the fact that you soon fall into the criticality of the data stored by that type of association. And it is that all organizations, whatever they do, have stored data likely to attract hackers, specialists, extorting money and extorting money in multiple ways.

The Importance Of Deploying A Cybersecurity Layer In Its Projects

The pandemic has forced most companies to reset themselves to have the most negligible impact on their business. Establishing the technological infrastructure necessary for teleworking has taken most of their efforts. To this is added, a review of the processes to adapt them to the new reality and reduce costs as much as possible.

The consequence of this is that a vital aspect in recent years, such as cybersecurity, has been somewhat neglected, especially in sectors such as health and education, which are the ones that have focused the most on solving their deficiencies to face the new demands. Precisely these two areas, together with the traditional financial one, are the ones that have suffered a more significant number of cyberattacks.

The Risks Of Teleworking For Business Security

Teleworking opens up numerous vulnerabilities if your technological deployment is not well done. The rush has led to misconfigurations that are a drain for cyberattacks. The WAN networks, using environments multi-cloud, using very different mobile devices using Wi-Fi mainly, the proliferation of VPN networks, are inherent to work in remote and modernization of enterprise IT infrastructure. These circumstances, along with the deployment of IoT data, are expanding the corporate perimeter almost limitlessly. A traditional perimeter protection approach is now outdated and risky.

Double Extortion Ransomware, Leading Top Cyberthreats For 2021

The cyberattack trends in 2021 drink from what has happened in 2020 and are its continuation only to grow in quantity and diversity of objectives. Among these, the double extortion Ransomware stands out. This attack begins with the theft of information before encrypting a computer and requesting a ransom. As a pressure, some stolen data is being published on the ‘Dark Web. The most common way of stealing information related to ransomware is the carelessness of end-users when using their email, responding to phishing emails, or accessing websites with malware, which are increasingly being circulated by armies of botnets, such as the famous Emoted.

Added to this is vishing. What is vishing? In the business sphere, it is limited to telephone calls received by teleworking employees in which they impersonate company executives who request confidential information from them. The hyper connectivity brought by 5G and the IoT open new ‘highways’ for cybercriminals who always have their sights set on the continuous increase in mobile devices both by end-users and in an automated way in multiple gadgets, cameras, sensors.

Keys To Deploying An Effective Cybersecurity Strategy

With this landscape, protecting cloud environments, networks, and applications is vital so that critical information does not reach the hands of cybercriminals. It is essential to prevent a cyber attack from spreading throughout the company’s infrastructure. To achieve this, it is vital to educate end-users of corporate technologies by asking them for full responsibility in their actions. The enterprise IT architecture must also be audited for vulnerabilities and systems patched and updated.

In this analysis of the IT infrastructure, it is essential to update passwords and deploy profiles with specific authorizations to access systems and data, accompanied by monitoring mobile devices with MDM (Mobile Devices Management) solutions. But given the sophistication of current cyberattacks, it is practically essential to deploy automated prevention solutions based on Artificial Intelligence and Machine Learning. The solutions IA and ML allow current practices ahead of cyber-attacks thanks to information gathered earlier about their modus operandi.

Fortunately, market research shows that cybersecurity budgets are increasing in companies. Contingency plans should always be included in these strategies as a critical piece of security. Since, if necessary, having an effective Backup and Disaster Recovery plan is the best protection against a cyberattack.

Also Read: What Are The Benefits Of Master Data Management

The post What Cybersecurity Strategy To Follow In 2021 appeared first on Trends Tech Blog.