Ransomware – It’s Maddening!

The malware category known as ransomware is widely used by cyber-criminals. Ransomware uses malicious encryption code to lock up computer systems and data files. Cyber-attackers then demand a ransom to release the frozen files.

It is estimated that in 2017, a cyber-attack occurred approximately every minute with about two thirds of all malware attacks demanding ransoms. In this BlogBytes, we will discuss several malware war stories, a new twist to ransomware and what companies can do to protect their company’s digital assets from this maddening cyber-war.

Malware War in the News

In a Fox News article, several ransomware war stories were reported. A spokesperson for the City of Atlanta explained, “The City of Atlanta is currently experiencing outages on various internal and customer facing applications, including some applications that customers use to pay bills or access court-related information.”

In 2016, Hollywood Presbyterian Medical Center in Los Angeles paid a ransom in excess of $17,000 in bitcoin currency to cyber-attackers who penetrated and immobilized its computer systems.   In another story in 2017, a host of IT systems at Mecklenburg County, North Carolina were shut down by a ransom demanding attack.  Also in 2017, a Sacramento Regional Transit was attacked – the hacker’s malware deleted 30 million files.

Speaking of bitcoins, an article shared by The Guardian reported that the South Korean cryptocurrency exchange Bithumb announced that 35 billion won (₩) (~$31.5 million) worth of virtual coins were stolen by hackers. Some coins were stored in ‘cold wallets’ which were not connected to the internet – making it difficult for cyber access, while others were kept in ‘hot wallets’ with internet connectivity making it subject to maleficence.

The New Twist – Pay for Protection!

Ransomware attacks have company execs on edge and now there is another twist to be aware of – protection racketeering or providing protection through extortion and threats. A komando.com article explains that some cyber-criminals are now demanding payment in advance, in a ploy to convince you that they will not lock up files in the first place- essentially you pay or else! These attacks, threats and malware variants are difficult problems to deal with – so what can you do to help prevent and protect your systems from malware attacks?

Fighting Back

In the white paper Using Tape to Optimize Data Protection Costs and Mitigate the Risk of Ransomware for Data-Centric Organizations, IDC recommends several data protection best practice strategies:

  1. Adopt a continuum of data protection technologies matched to the data protection loss threat and service-level requirements.
  2. Thwart ransomware risks by ensuring that there is an air gap between live data and recovery data.
  3. Control costs by selecting the lowest-cost technology that neutralizes the threat of data loss and meets the business’ availability requirements.

As detailed in the IDC white paper, “tape continues to address certain data protection needs with its capabilities and low cost that other technologies cannot match. Chief among these capabilities is a bulwark against the rising threat of ransomware and other malware designed to infect replicated data from end to end. The air gap nature of tape operations, along with its ability to maintain separated data images that cannot be corrupted, allows tape to serve as a fail-safe method against ransomware. Moreover, if a company’s entire data environment were to be compromised, tape can restore data at speeds that cannot be matched by replication from the cloud.”

Malware attacks are continual and on the rise. Taking protective action to include employee education, rigorous backup procedures, tape air gap technology and anti-virus systems is essential for maintaining IT health and malware defense.  To create a safety blanket for your data protection plan, use LTO-8 technology.