Ransomware Dictionary: What Nashville Businesses Need to Know
We’ve said it before, and we’ll say it again: Ransomware is nasty.
While some companies have implemented multiple levels of security and backup to protect against infections, many others are still hoping to survive on minimal amounts of protection.
Ransomware can take on numerous different forms – and they can lead to substantial financial loss. It’s good to be aware of what ransomware can do, so you know how to step up your company’s security solution and be able to ward off attacks.
With a little help from our friends at Datto, we’ve put together a list of the most common ransomware strains that you need to know about:
- CryptoLocker: The original strain commonly synonymous with the term ransomware, CryptoLocker first gained notoriety in 2013. While this exact strain has been shut down, the same approach has been copied and continues to be the building block for many newer strains of ransomware. Before being shut down, CryptoLocker had grossed up to $30 million as a result of ransom.
- Cerber: A cloud-based malware targeting Office 365 platforms, Cerber has impacted millions of users via in-depth email phishing campaigns created to fool workers. It’s a relatively new RaaS (Ransomware as a Service) that demands bitcoins before restoring user data. In May 2016, Cerber was found to be the 3rd most prevalent strain, contributing to more than 68.5 million overall ransomware hits in one month.*
- CryptoWall: CryptoWall is another early strain of ransomware, first appearing in 2014, that has led to its own variety of spin-off variants, including: Cryptorbit, CryptoDefense, CryptoWall 2.0 and CryptoWall 3.0. It works by encrypting files on a compromised computer and appearing through spam emails or compromised websites or malware. CryptoWall is the king of ransomware in 2016, accounting for nearly half of all ransomware hits.*
- Crysis: A newer form of ransomware, Crysis uses strong encryption to lock down files on hard drives. Its scheme is very difficult to crack within a reasonable amount of time.
- CTB-Locker: Outsourced ransomware is called CTB-Locker and allows the malware to infect large volumes of data and generate large profits for a wide criminal base. Due to the wide network, it’s often hard to trace it back.
- Jigsaw: Named after the villain from the “Saw” film series, Jigsaw progressively deletes an ever increasing amount of encrypted files until a ransom is paid.
- KeRanger: KeRanger is the first ransomware designed to lock Mac OS X apps. It is not widely distributed but poses a dangerous threat for Mac users.
- LeChiffre: Named after a James Bond movie villain, “Le Chiffre,” this ransomware mirrors the movie plot by seeking out weak remote desktops, logging into them remotely and manually running the malware protocol.
- Locky: Relatively new to the scene, Locky is a standard ransomware strain, usually in the form of an email message disguised as an invoice. As of 2016, it’s the 2nd most prevalent strain.*
- TeslaCrypt: TeslaCrypt, which uses an AES algorithm to encrypt files, is typically distributed to target Adobe vulnerabilities and installs itself in the Microsoft temp folder. Victims are given options for payment to restore user access. It’s the fifth largest strain in 2016.*
- TorrentLocker: Currently at it’s most destructive stage, TorrentLocker is a wide-scale form of ransomware, encrypting files and collecting email addresses to spread the reach of the infection. It’s the fourth most prevalent strain in 2016.*
- ZCryptor: Last but not least, ZCryptor is a self-propagating malware strain that encrypts files and infects external drives and flash drives so that it is distributed once files are moved. Scary, huh?
While the above strains are the most common ones out there, there are newer, less common variants of ransomware strains being developed and distributed each and every day.
In order to keep your company’s data protected, it’s important to evaluate your security needs and put a plan of action in place. Work with a local managed IT services provider that takes charge of your security system and partners with you to ensure you have the best security for your system and your sensitive data.
At Concept Technology, we understand the importance of maintaining a full-scale security solution against ransomware and other types of malware. We can work with your IT team to make sure nasty attacks don’t grab a piece of your data or siphon your money. Want to learn more about how we can help? Contact us!
*Source: Fortinet.com