KnowBe4 Sounds the Alarm on New Ransomware Epidemic
Many threats like this which are not detected with security software can be stopped dead in their tracks by creating a strong security culture... and giving employees the tools and training to become a human firewall - Stu Sjouwerman, CEO KnowBe4
Recent reports have been blasting out news of CryptoWall 4.0 and the hundreds of millions of ill-gotten revenues generated by this type of ransomware. Now the ransomware strain known as CryptoWall has upped its game to avoid detection by antivirus and firewalls. But wait, there’s more. A new flavor of “extortionware” has surfaced, named Chimera, that combines ransomware with a threat to publish your files on the internet if they are not paid the ransom. The report of Chimera appeared at the German Anti-Botnet Advisory Centre.
“This nasty bit of crimeware is being beta-tested in Germany”, said Stu Sjouwerman, CEO of KnowBe4. “While it starts off as a regular ransomware infection, it throws up a ransom note for 2.5 Bitcoin, nearly $1000 (at the current rate of $388 per Bitcoin) and claims if they are not paid, they will publish files on the Internet. Whether the program can siphon off files has yet to be determined, however the threat itself may be enough to get businesses to pay up.”
According to Kaspersky Labs, the first six months of 2015 have met or exceeded 2014 totals, showing the increased level of threat ransomware presents. According a recent report from the Cyber Threat Alliance (CTA), CryptoWall alone has made $325 million, and that is before the most recent new version was released.
“Some ransomware sneaks in and lays dormant, encrypting files before notification, increasing the likelihood of backing up encrypted files and decreasing your chances of getting your files back without payment.”, said Sjouwerman.
“While we do not advocate payment, it may come down to a pragmatic business decision for many companies to pay up, since their backup didn’t work, or lose their data forever.”
Ransomware continues to be a source of worry for U.S. regulatory agencies such as the Federal Financial Institutions Examination Council (FFIEC) who published a statement warning financial institutions about the increasing “frequency and severity of cyber attacks involving extortion.” The statement advised financial institutions to address this threat by implementing programs that “ensure the institutions are able to identify, protect, detect, respond to, and recover from these types of attacks.”
The FFIEC statement also reiterated previous guidance that financial institutions take precautions against ransomware attacks with security controls such as ongoing information security risk assessments, securely configure systems, protect against unauthorized access, perform security prevention and risk mitigation, and update cybersecurity awareness programs.
Sjouwerman pointed out,
“Many threats like this which are not detected with security software can be stopped dead in their tracks by creating a strong security culture within an organization and giving employees the tools and training to become a human firewall. We are so confident our security awareness training program works, we’ll pay your ransom if you get hit with ransomware while you are a customer.”
For a free Ransomware Hostage Rescue Manual, visit http://www.knowbe4.com/ for more information.
About Stu Sjouwerman and KnowBe4
Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, LLC, which hosts the world’s most popular integrated Security Awareness Training and Simulated Phishing platform. A data security expert with more than 30 years in the IT industry, Sjouwerman was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired 2010. Realizing that the human element of security was being seriously neglected, Sjouwerman decided to help organizations manage the problem of cybercrime social engineering tactics through new school security awareness training. KnowBe4 services 1500 organizations in a variety of industries, including highly-regulated fields such as healthcare, finance, energy, government and insurance and is experiencing explosive yearly growth of 300%. Sjouwerman is the author of four books, with his latest being “Cyberheist: The Biggest Financial Threat Facing American Businesses.”
About Kevin Mitnick
Kevin Mitnick, ‘the World’s Most Famous Hacker’, is an internationally recognized computer security expert with extensive experience in exposing the vulnerabilities of complex operating systems and telecom devices. He gained notoriety as a highly skilled hacker who penetrated some of the most resilient computer systems ever developed. Today, Mitnick is renowned as an information security consultant and keynote speaker and has authored four books, including The New York Times best seller Ghost in the Wires. His latest endeavor is a collaboration with KnowBe4, LLC as its Chief Hacking Officer.
Related News
Europol, the Dutch national police, McAfee, Intel Security and Kaspersky Labs have spent this past summer helping victims of ransomware. Calling themselves the “No More Ransom Project,” the group helps people learn about ransomware and how to prevent it, as well as offering tools to help victims recover lost data. A Web Portal Dedicated to Preventing and....
US and Canada cyber security agencies issued an alert last week regarding an increasing number of ransomware attacks against healthcare organizations. Five providers, in just the last month alone, have been infected with such computer viruses, and often they are forced to pay Bitcoin ransoms. “Malicious software” infected the computer system at Alvarado Hospital Medical Center in San Diego last month. Two other hospitals, Chino Valley Medical Center and Desert Valley Hospital in Victorville, were also infected. Each of these infected parties is a Prime Healthcare Hospital. In Indiana,....
On May 30, the author of thecrypto-ransomware known as Locker posted an apology on Pastebin and claimed that he “never intended to release” the malware program. According to Threatpost.com, the author says he terminated distribution as of June 2 and that he has decrypted all infected files. The author said on Pastebin: Security firm KnowBe4 explains Locker ransomware is a “sleeper campaign” that is installed through a social engineering attack and then sits silently on computers and encrypts files upon the activation of the malware creator. " I am the author of the Locker ransomware and....
Ransomware is a constant threat looking over our shoulders, and it sounds like internet criminals have once again upped the ante. Now that this business has become so very lucrative, cyber crooks have taken it upon themselves to provide a support page to affected victims. The way these support pages works is to guide affected users through the payment protocol. The majority of ransomware infections require victims to pay a fee in Bitcoin, and a lot of people have trouble with obtaining cryptocurrency. A service desk for victims has been created by the developers of CryptoWall and....
Over the course of 2015, many individuals and companies have been affected by ransomware. While this may have nothing to do with Bitcoin at first glance, there have been a few cases where the ransomware could only be removed by paying a certain fee in Bitcoin. But those days may be over now, as a decryption toolkit for various types of ransomware has been made publicly available, free of charge. CryptoLocker and CoinVault Ransomware. Two types of ransomware making headlines all across the world in recent months are called CryptoLocker and CoinVault. Both types of ransomware operate, in the....