How To Defend Against Cryptowall
By Trisha Leon, contributing writer
A new type of ransomware, Cryptowall, is on the rise, according to the Intronis blog. Cryptowall uses similar tactics as Cryptolocker in order to exploit its victims. Ronnie Tokazowski of PhishMe.com gives a detailed description of how the ransomware operates and ways enterprises can protect themselves from this serious threat. According to Tokazowski, Cryptowall’s organizers have earned $80,000 in ransom payments so far and show no signs of slowing. As Cryptowall acts in a similar way to Cryptolocker, some of the same practices that defend against it work against Cryptowall as well. Some of these practices are:
- Ask your SMBs to keep an eye out for — and to avoid clicking links in— emails containing suspicious Dropbox links that inform the user of a new voicemail or incoming fax report
- Instruct your users to never open suspicious emails or attachments.
- Keep your antivirus and antimalware software updated.
- Back up your data on regular basis. If you have a clean backup you can easily restore an infected SMBs’ clean data without having to pay the ransom.
Though Cyrptolocker and other types of ransomware have taken a hit lately, it seems unlikely to deter other ransomware variants from taking their place. Jeremy Demar, director of threat research for Atlanta-based Damballa Inc., believes most botnet takedowns do little to stop ransomware perpetrators. Demar explains, “Crime is a business, so attackers are going to go wherever the highest return on investment is,” adding, “Right now, ransomware and click fraud seem to be the highest ROI they have, so they'll continue to pick up in these areas.”
In light of this, enterprises must remain vigilant in regard to their data security and keep up to date on the emerging cyber threats. VARs can assist their clients to do so by providing IT services and solutions that keep their data secure as well as educating customers on current threats and best practices.