KnowBe4 Says CryptoWall $18 Million Loss Likely Much Higher
The FBI issued an alert on June 23rd that data from the FBI’s Internet Crime Complaint Center shows CryptoWall ransomware is continuing to scourge American businesses and individuals alike. The FBI has received nearly 1000 complaints since April 2014 from victims reporting a loss of over $18 million.
Eastern European cybercriminals typically use phishing emails with attachments, infected advertisements or redirects to a bad website to hook their targets and get them infected with the ransomware. Files and entire networks can then be held hostage by encrypting them and demanding a ransom from $200 to $10,000 to decrypt the data, preventing its use until the fee is paid using the Bitcoin e-currency.
According to KnowBe4’s CEO Stu Sjouwerman,
“CryptoWall 3.0 is the most advanced crypto-ransom malware at the moment. The $18 million in losses is likely much more, as many companies do not report their infections to the FBI and the downtime caused by these infections is much higher.” Sjouwerman further stated,
“Additional damage is caused when a workstation is infected and has a mapped drive to a shared file server. At that point all the files are encrypted and a whole department is sitting on their hands. The impact to a business can be devastating.”
Sjouwerman noted that the current social engineering tactic is attaching a zip file that claims to be the resume of a girl. Opening the zip file shows a page, that then downloads another zip file which bypasses all antivirus software that may be installed on the local workstation.
KnowBe4 recently developed a test template to train users how to avoid such scams as CryptoWall 3.0 based on the experiences of a new customer. Based on this campaign, the new banking customer turned the resume into a “teller resume” with a docx attachment and had a whopping 60% of those employing receiving it open the attachment.
Sjouwerman offers these tips on staying safe:
1. Backup your data in multiple places. And test the restore function of your backup regularly.
2. Don’t open anything you did not ask for. When it doubt, throw it out.
3. Practice defense-in-depth. Start with security awareness training that includes simulated phishing attacks to continuously remind employees of the risks. Add to this security measures at the firewall, network, computer, application and data layers.
Sjouwerman added,
“This clearly shows the employee is the weak link in IT security and there is a dire need for effective security awareness training as the first line of defense in preventing ransomware infections.with the potential to shut down a business. Furthermore, we are so confident our security awareness training program works, we’ll pay your ransom in Bitcoin if you get hit with ransomware while you are a customer.”
About Stu Sjouwerman and KnowBe4
Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, LLC, which hosts the world’s most popular integrated Security Awareness Training and Simulated Phishing platform. A data security expert with more than 30 years in the IT industry, Inc 500 alum and serial entrepreneur, Sjouwerman was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired 2010. Realizing that the human element of security was being seriously neglected, Sjouwerman decided to help organizations manage the problem of cybercrime social engineering tactics through new school security awareness training. KnowBe4 services 1500 organizations in a variety of industries, including highly-regulated fields such as healthcare, finance, energy, government and insurance and is experiencing explosive yearly growth of 300%. Sjouwerman is the author of four books, with his latest being “Cyberheist: The Biggest Financial Threat Facing American Businesses.”
About Kevin Mitnick
Kevin Mitnick, ‘the World’s Most Famous Hacker’, is an internationally recognized computer security expert with extensive experience in exposing the vulnerabilities of complex operating systems and telecom devices. He gained notoriety as a highly skilled hacker who penetrated some of the most resilient computer systems ever developed. Today, Mitnick is renowned as an information security consultant and keynote speaker and has authored four books, including The New York Times best seller Ghost in the Wires. His latest endeavor is a collaboration with KnowBe4, LLC as its Chief Hacking Officer.
Related News
The Federal Bureau of Investigation reported that the the total losses generated by the bitcoin ransomware called Cryptowall have reached $18 million. The FBI's Internet Crime Complaint Center stated that the agency received 992 complaints related to Cryptowall between April 2014 and June 2015. Bitcoin has typically been used by hackers as their means of demanding ransom from companies they've attacked with their malware. In Brisbane, a company has reportedly paid this bitcoin ransom but the hackers refused to back down with their demands. Bitcoin Ransomware Attacks. Typically these....
The US Federal Bureau of Investigation (FBI) has received reports of more than $18m in losses in the past year stemming from the spread of the bitcoin ransomware Cryptowall and its related variants. A 23rd June advisory from the FBI's Internet Crime Complaint Center stated that the agency received 992 complaints related to Cryptowall between April 2014 and June 2015. Cyberattacks involving Cryptowall and other types of ransomware encrypt data on the target's computer, holding that information hostage unless a ransom - generally in bitcoin - is paid. Targets in the past have ranged from law....
Dickson County Sheriff's Office said they had to pay a ransom - $500 in Bitcoin - to regain access to thousands of their case files which has been encrypted by a computer virus, News Channel 5 Network reports. IT Director Detective Jeff McCliss said: "Every sort of document that you could develop in an investigation was in that folder. There was a total of 72,000 files." The computer virus, Cryptowall, is a variant of the infamous CryptoLocker. In August, PC World reported that CryptoWall infected over 600,000 computer systems in the past six months and held 5 billion files hostage,....
Bitcoin ransomware has been a new type of malware attacking computers and networks all over the world. By decrypting all important file extensions, and forcing the device owner to pay a ransom in bitcoin to decrypt the files, assailants have found a new way to abuse the popular digital currency for nefarious acts. Even though it looked like this threat was “under control” for a brief while, a new version of CryptoWall is making the rounds. Unfortunately, the latest version of the CryptoWall ransomware has not removed the option for infected users to pay in Bitcoin. In fact, several....
The malware authors making up the cyber gang behind the intrusive Cryptowall 3.0 ransomware, a strain of malware, have raked in an estimated $325 million from hundreds of thousands of victims around the world by demanding ransom payments in Bitcoin. The ransomware has been active since January, 2015. A cybercriminal group that develops and deploys Cryptowall 3.0 may have gathered millions of dollars of ransom in Bitcoin in this past year alone, a comprehensive study points out. Cryptowall version 3.0 the latest variant of a ransomware that is among the most effective tools used by....