I posted this article in another class, but I thought I should share it here as well. We should all be familiar with ransomware and how it works. If not, the basics are simple: a hacker infiltrates a computer, either through phishing, embedded links, or Trojans, and encrypts the files on the computer. For the victim to have the files decrypted, a payment in bitcoins is usually demanded.
Ransomware has been in existence since 1989, but really made its mark in recent years. Why? It’s simple, really: more and more people are using digital storage technologies to store information. Consumers are storing anything from financial data, credit information, medical history, and even sentimental things such as pictures and videos. Organizations are storing a lot more information that is sensitive, proprietary, or critical to their day-to-day business. Knowing this, hackers exploit it by using ransomware and the bitcoin payment method, making it virtually impossible to trace.
While most law enforcement agencies have encouraged victims to pay out the demand, there are organizations out there teaming up to combat this. Europol, Kaspersky Labs, Intel Security, among others, started the “No Ransom Project” back in July 2016. The purpose of the project is to provide the victims of ransomware free tools to decrypt the files. Thus far, they were able to decrypt about 24 variants of ransomware. Although this is a small number compared to the average growth of 10 new ransomware families per month (TrendMicro, 2016), it is a good start. As more and more organizations begin to share or join with the “No Ransom Project,” the number of decryption tools will begin to grow. However, this doesn’t mean that we should not take preventative measures to protect ourselves.
Listing of Available Decryption Tools: https://www.nomoreransom.org/decryption-tools.html
Dark Reading Article: http://www.darkreading.com/threat-intelligence/6-free-ransomware-decryption-tools/d/d-id/1327999
TrendMicro Article: https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/ransomware-recap-new-families-updated-variants-in-june
This is an excellent article, and I do feel that if an organization gets struck by a ransomware demand, then they must approach these labs. But this cannot be a preventive control and still doesn’t guarantee complete safety, and organizations should invest in data backups.