RANSOMWARE
MUTATING INTO
LARGER AND MEANER
ITERATIONS
Ransomware has been responsible for bringing an entire
city to a crippling halt and attack methods are constantly
evolving. Scott Gordon, InfoSec Evangelist, Pulse Secure,
discusses how enterprises and organisations can fortify
their networks by implementing layered defences and
applying secure access solutions.
Scott Gordon, InfoSec Evangelist,
Pulse Secure
I
n the last few
months, mounting
ransomware
gangs have
hit a broad
range of targets
which sent big
aftershocks into the commercial world.
In April, ransomware shut down the
website of Ukraine’s Energy Ministry.
The next month, an Indiana hospital
paid over US$50,000 to unleash itself
from the grip of a ransomware attack.
The Leominster Massachusetts school
district caved into the demands of a
cybercriminal and paid US$10,000.
Police declined to investigate, labelling
the effort ‘impossible’ and later told
reporters that the school district did the
right thing by paying off its attackers.
But among the most significant
ransomware attacks so far of 2018
84
is its attack on the city infrastructure
of Atlanta. The attack hit the city’s
computer systems and online portals;
the police lost surveillance footage,
city attorneys lost years of documents
including criminal evidence, job
applications were suspended; court
dates were postponed and city
services, in large part, ground to an
incontrovertible halt. Atlanta was still
picking up the pieces weeks later. The
attackers wanted a meagre US$50,000
and ultimately the city paid more than
US$2.5 million, but the final bill looks like
it may come to well over US$11 million.
The ransomware landscape has
undergone some changes in the last
year. Malwarebytes highlighted a 90%
increase in detected ransomware attacks
in 2017, while noting that the growth in
the number of ransomware families has
largely held steady, possibly driven by
A layered approach,
with secure access,
active endpoint
security and network
visibility, will
effectively reduce
endpoint security
threats and increase
fidelity to discover
and mitigate
malware activity.
Issue 05
|
www.intelligentciso.com