I am a firm believer
If the company you worked for wouldn’t properly protect their cloud-based apps, what would you do?
See my more recent post as well, 'Use Two-Factor Authentication for cloud applications or risk fines and data breaches', for more commentary.
Learn what you can do to tackle ransomware and protect your business from this threat. A recent story about an open source ransomware kit illustrates the reach of malware. Here I cover the 'Magic' crime kit and tips on how you can protect your business from this menace.
Ransomware is everywhere, hurting not only consumers; businesses are getting hit hard as well. According to a recent report, ransomware was responsible for 42% of UK security breaches in 2015. This isn't that surprising; businesses aren’t immune to these threats.
The level of sophistication of ransomware varies, with CryptoWall and TeslaCrypt among the big hitters in the ‘business’. Then you have more homemade solutions, reusing code or kits from wherever they can be obtained.
Utku Sen, a Turkish security researcher, released an open source ransomware kit, EDA2, on GitHub. He was hoping it would be “suitable for education and attack simulation for companies” and used for good.
However, this wasn’t just a few lines of code; EDA2 came with actual code, including instructions on how to customize it. Also included was an admin panel to set up a command and control (C&C) server. This is where all the encryption keys were sent, making it a complete crime kit.
What was meant as an educational tool became known as ‘Magic’ ransomware. This was used by criminals, infecting PCs and holding data for ransom. Ultimately Utku Sen
The plot thickened when Utku Sen himself was blackmailed: if he withdrew his other ransomware education project, hidden-tear, also on GitHub, the ransomware operator would provide the Magic encryption keys so victims could get their data back for free.
“After further discussions, the blackmail attempt turned into full-on negotiations, but Utku Sen and the ransomware operator have come to an agreement. Utku will take down the Hidden Tear repository in three days while the author of the Magic ransomware will provide all the encryption keys for free for the next 15 days.”
So a happy ending of sorts but one that illustrates the toxicity of this threat and how pernicious these attacks are.
If, as a business, you haven’t been attacked, well done. More than likely, though, most businesses will get hit sooner or later. As an IT Pro, there are certain steps you can take to help mitigate ransomware, which I have outlined below:
Ransomware is a menace and is evolving rapidly; you can reduce the likelihood of the damage it can inflict on a business by following some of the steps I have outlined above.
Thanks for visiting my site, a big hello if you know me already and if you don't, I hope you stick around for a while. I thought I'd tell you a few things about me and my interests. This will give you some ideas on what you can expect from my site.
I am an IT Professional, working for upwards of 15-20 years (gulp!) with computing. I work for a charity, with around 1300 staff and over a hundred offices around England and Scotland.
Now is a good time to say, anything I express on this site is my own opinion and isn't affiliated with my employer or anyone else for that matter.
My current professional interests, which I'll start to post about include, in no particular order:
I am writing from the perspective of an IT Pro for other IT Pros and decision makers, people making a difference with IT delivery. I'll draw upon my experience rather than just writing up by-the-numbers articles. Hopefully, I don't come across too preachy!
This site is experimental, it's running on Docker in a series of containers, which is
Hope you like my site, look out for new articles over the coming weeks. I have already posted my first article about ransomware, which you could check out in the meantime.