Is business the next target?

1 February 2016 Information Security, News & Events

In the last 18 months, ransomware has emerged as a serious tool for cybercriminals and has developed into a growing concern for security-savvy citizens and business chief information security offers (CISOs).

Carey van Vlaanderen, CEO of ESET Southern Africa.
Carey van Vlaanderen, CEO of ESET Southern Africa.

Described by some as the virus ‘that blackmails you’, ransomware essentially blocks access to your files, while simultaneously demanding payment in return for restoring access – an attack that can earn cybercriminals big money.

A large number of ransomware variants have come and gone in years gone by, from those that encrypt your hard drive in exchange for bitcoin payments, to those which simply try and scare the user into coughing up their money. By far, the most dangerous type of ransomware this decade has been Cryptolocker, which has already infected half-a-million PCs. It was also big enough for the FBI and Europol to get involved and they eventually brought down the criminal’s computing infrastructure behind the ransomware.

To date, however, most victims have been random citizens, infected by a phishing e-mail, spam or a fake software update. It may also arrive via a drive-by-download attack on a bogus or spoofed Website. Users are usually infected after clicking a link or opening an attachment, and the virus will then look to encrypt the hard drive. The ransomware alert will appear on screen and cannot be minimised. At this point, the attacker(s) will request a ‘modest’ amount of bitcoins for the files to be unlocked.

The danger in paying is that there is no guarantee that the cybercriminals won’t return for another payday. The best bet is to go back to your most backed up files.

The question is: could ransomware be used to hit organisations that hold the most capital – that is, the banks? Up until this point, the answer has been a straight ‘no’. Banking defences are better than most other sectors, and the only ransomware to target banks was actually aimed at their customers, mainly through phishing emails.

However, recently there have been signs of change. Last month, researchers indicated that three Greek banks were targeted with bitcoin ransomware, with attackers from the Armada Collective requesting a grand sum of €21 million to decrypt the files. And while it was not strictly ransomware, an individual going by the name of Hacker Buba also demanded a ransom of $3 million after penetrating the defences of a small bank in the UAE, InvestBank. He was foiled, although his plan was to release customer data until payment was received.

These attacks are currently few and far between, but with ransomware authors creating new variants which target Window and Mac, mobile devices, YouTube ads and now, encrypt entire websites, you can be sure that bank defences will be tested by ransomware for a long time to come. The one million dollar question is whether banks can do enough to keep them out.

For more information contact ESET-SA, +27 (0)21 659 2000, info@eset.co.za, www.eset.co.za





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Deception technology crucial to unmasking data theft
Information Security Risk Management & Resilience
The ‘silent theft’ of data is an increasingly prevalent cyber threat to businesses, driving the ongoing leakage of personal information in the public domain through undetected attacks that cannot even be policed by data privacy legislation.

Read more...
Data security and privacy in global mobility
Risk Management & Resilience Information Security
Data security and privacy in today’s interconnected world is of paramount importance. In the realm of global mobility, where individuals and organisations traverse borders for various reasons, safeguarding sensitive information becomes an even more critical imperative.

Read more...
Sophos celebrates partners and cybersecurity innovation at annual conference
News & Events Information Security
[Sponsored] Sun City hosted Sophos' annual partner event this year, which took place from 12 to 14 March. Sophos’ South African cybersecurity distributors and resellers gathered for an engaging two-day conference.

Read more...
Risk management: There's an app for that
Editor's Choice News & Events Risk Management & Resilience
Zulu Consulting has streamlined the corporate risk management process with the launch of Risk-IO, a web-based app designed to consolidate and guide risk managers through the process, monitoring progress as one proceeds.

Read more...
Integrated information platform for risk management
Editor's Choice News & Events Risk Management & Resilience
Online Intelligence recently launched version 7 of its CiiMS risk and security platform. Speaking to SMART Security Solutions after the launch event, the company’s Arnold van den Bout described the enhancements in version 7.

Read more...
Unlocking Africa's AI potential
Editor's Choice News & Events AI & Data Analytics
Africa's AI market is set to grow exponentially; by investing in AI education, training, and ethical practices, African nations can harness the power of AI to transform the continent and create a brighter future for its people.

Read more...
The CIPC hack has potentially serious consequences
Editor's Choice Information Security
A cyber breach at the South African Companies and Intellectual Property Commission (CIPC) has put millions of companies at risk. The organisation holds a vast database of registration details, including sensitive data like ID numbers, addresses, and contact information.

Read more...
Entries to southern Africa OSPA Awards now open
Technews Publishing Securex South Africa Editor's Choice News & Events
The southern Africa OSPAs are part of a global awards scheme that recognises and rewards teams, individuals and organisations for their commitment and outstanding performance within the security sector.

Read more...
Navigating South Africa's cybersecurity regulations
Sophos Information Security Infrastructure
[Sponsored] Data privacy and compliance are not just buzzwords; they are essential components of a robust cybersecurity strategy that cannot be ignored. Understanding and adhering to local data protection laws and regulations becomes paramount.

Read more...
Securex has moved to June
Technews Publishing Editor's Choice News & Events
Following the formal announcement of the date for South Africa’s national election, 29 May 2024 , which happened to be in the middle of the planned dates for Securex South Africa, Securex will now take place from 11 – 13 June 2024 at Gallagher Estate in Midrand.

Read more...