Each ransomware event is unique, so it’s impossible to say there is only one ‘right’ way to handle such an event. If you find yourself facing a ransomware incident and aren’t sure what to do, ask for help.
Las Vegas is the most likely place in the United States for a business to fall victim to ransomware, according to a recent Malwarebytes report. The findings confirm what Las Vegas managed IT services providers have long suspected: when it comes to the threat of ransomware, Las Vegas businesses are the worst-hit targets in the United States.
A debate rages over the best form of protection against cyberattacks, a small niche conversation is growing in volume. Should a business pay ransom, or not.
In the middle of the debate is the apparent pivot as cybercrooks begin to move cryptojacking in lieu of depending on payment — as in extortion.
Ransomware has been a threat for a while, but really took the stage in 2017 with the fast spread of WannaCry and Petya/NotPetya. As though someone flipped a switch, ransomware moved from a manageable annoyance to a major concern. Questions have been raised about the rate of ransomware attacks, but it is not going away soon.
Just like the flu, preventing an infection is preferred to getting sick, but preventing ransomware infections can be easier said than done.
Searching online shows no lack of prevention tips. The hacks range from training employees to using sophisticated security tools. One firm even suggested using honeypots to lure infections from the remainder of the company’s network.
Irregardless of which strategy is used, no company can be 100% safe from a ransomware event. A sound recovery plan — with secure back ups — is important. If the infection can be bottled and data restored, the business has a fighting chance to recover.
What if restoration isn’t an option? What happens if the encryption hits the backups? What if the event happens so fast the group is paralyzed and can’t function? In a tsunami situation as this, leadership is faced with awful options.
- Accept the loss and start over, which is really not an option at all,
- Try to recover the files in-house,
- Outsource the problem and hire a security firm to figure it out, or
- Pay the extortion demand
What Are The Pros Saying?
The great majority of pros say do not pay ransom if infected by malware which demands money to unlock your files. Many professionals feel too strongly they don’t even discuss the alternatives. Here are some reasons people say you should not consider payment as a workable solution.
- Companies hit by ransomware usually focus only on getting their data back,
- Leverage collaborative projects for free,
- You are marked as a repeatable target,
- There is no guarantee you will get your data back,
- You may be enabling ransomware crime to continue,
- You won’t learn your lesson,
Simply stated, ‘cryptojacking’ is the unauthorized access to a computer, tablet, connected home device or mobile phone by cybercriminals who mine for cryptocurrency.
Why Cryptojacking Is Increasing
Cryptocurrencies gain financial value based in part on the law of supply and demand. For instance, there are a finite number of Bitcoins have not been mined. Also, there are other variables like:
- How easy the cryptocurrency is to use, and
- The equipment and energy used to mine it.
According to The History of Bitcoin, Cryptocurrency has wavered in value. In 2010 a Bitcoin was valued at less than 1-cent. By the end of 2017, the valued zoom to around $20,000 (USD) per bitcoin. By June 2018, some were valued around $6,750 (USD). With the roller coaster in value, cryptojacking skyrocketed in 2017.
By hijacking someone’s computer with a few lines of code, cyber criminals make free money with minimal effort. The victim bears the expense of the computations and electricity needed for mining while the crooks get away with the tokens.
By the end of 2017 when cryptocurrency peaked, there were about 8 million coin mining events which Symantec blocked — in December alone.
How Cryptojacking Works
For an individual, coin mining may be a long and costly experience. Expensive electricity bills and high-cost computer equipment are major investments. But because a criminal get more devices working for them, they can mine cryptocurrency faster. The speed makes cryptojacking more attractive.
One of the popular methods crooks use to cryptojack is to use malicious emails which install code on a computer. Often done through ‘phishing’, the victim clicks on a link contained in a harmless looking email. Once they do, the code is downloaded and runs in the background without the victim’s knowledge.
Another hacking method depends on the victim visiting an infected website. Once an infected ad pops up on the victim’s browsers, the script automatically executes and no code is stored on the victim’s computer.
In both cases, the code solves mathematical problems and sends the results to the hacker’s server while the victim remains blissfully unaware.
Each ransomware event is unique, so it’s impossible to say there is only one correct way to handle such an event. If you find yourself facing a ransomware incident and aren’t sure what to do, ask for help.
The 10 cities most likely to experience ransomware attacks:
1. Las Vegas, Nevada
2. Memphis, Tennessee
3. Stockton, California
4. Detroit, Michigan
5. Toledo, Ohio
6. Cleveland, Ohio
7. Columbus, Ohio
8. Buffalo, New York
9. San Antonio, Texas
10. Fort Wayne, Indiana