Which ransomware payment option is best? (Hint: none)

Imagine this scenario: Your business is suddenly struck by a ransomware attack, leaving your crucial data under lock and key by cybercriminals who demand a hefty ransom to release it. The price to regain access? It’s steep, and you’re not in a position to meet their demands. But here’s where it gets interesting – in a twist reminiscent of “buy now, pay later” deals, some ransomware operators are now offering victims the option to extend their payment deadlines. Recent studies have shed light on how these ransomware syndicates are evolving their tactics. Among their new strategies is offering victims a menu of ransom options. This includes the choice to pay a fee of $10,000 to postpone the public release of their stolen data or to pay for the complete deletion of their data before it goes public. Negotiations over the ransom amount add a deeply unsettling aspect to these encounters. To ramp up the pressure, these groups have introduced some harrowing new features on their websites, such as countdown timers that tick away the minutes until the data leak, counters that track page views, and tags that blatantly expose the identity and details of their victims. The intention behind these tactics is clear: to back victims into a corner and push them towards meeting the ransom demands. You may think paying the ransom is the quickest way to safeguard your business data, but here’s why that’s a risky move: Paying doesn’t ensure the return of your data or prevent future demands for more money. By paying, you’re indirectly supporting criminal activities, encouraging them to target more victims. Making ransom payments could also land you in legal hot water, as paying cybercriminals is considered illegal in some jurisdictions. So, how can you protect your business from becoming the next victim of a ransomware attack? Regular, secure data backups can save you from being held hostage by cyber threats. Educate your team on the dangers of ransomware and how to spot phishing attempts and dubious links. Invest in high-quality cyber security solutions and keep them updated. Regularly update your systems and apply security patches without delay. Segregate your network to contain ransomware spread should an infection occur. Have a detailed incident response strategy ready for potential ransomware attacks. Choosing to pay ransomware demands often leads to more problems, with businesses that comply becoming repeated targets. Instead, focusing on preventative measures can offer a stronger defense. Should you need assistance enhancing your cyber security posture, don’t hesitate to reach out to us.

Dark Web Monitoring: what is it & does my business need it?

The global pandemic transformed the way we conduct business, and it’s unlikely that things will ever be the same again. With the increasing reliance on online platforms for both personal and professional transactions, geographical distances and time zones have become irrelevant. However, conducting business online also comes with inherent dangers and threats that we must be aware of.

One significant threat is data breaches, where cyber criminals manage to hack into legitimate commercial website databases. Well-known companies like Facebook and T-Mobile have fallen victim to such breaches, resulting in the theft of over 550 million records. In fact, the Identity Theft Resource Center reported a staggering 68% increase in stolen data in 2021 compared to the previous year.

When your email and password used to log into a website are stolen, they end up in the hands of highly skilled and destructive cyber criminals. These criminals may also obtain other personal information, such as addresses, mobile numbers, and credit/debit card details, that you have saved on the website.

So, what happens to your stolen data?

Your stolen credentials typically end up in a hidden part of the internet known as the Dark Web, where a significant portion of cyber-criminal activity takes place. Over time, your stolen data may be used and distilled by a sequence of criminals in their efforts to create financial gain at your expense. The exact methods they use to steal from end users using stolen credentials can vary, but it’s a sophisticated and malicious process that can span months or even years.

Understanding the risks and implications of data breaches and the Dark Web is crucial for protecting your personal and business information. It’s important to take proactive measures, such as implementing strong security measures and monitoring services, to safeguard against these threats in the ever-evolving landscape of online business transactions.

As we have emphasised, cybersecurity is not limited to a single tool or service, but rather a comprehensive security suite that protects various aspects of your online presence, including email, computers, devices, and overall online activity.

Now, we can answer the initial question of why dark web security is necessary. Dark web scanning acts as a proactive measure before cyber criminals can fully exploit your breached data. By providing timely alerts about breach details, it allows you to take relevant actions to secure your account and render the stolen or breached data useless.

You can easily purchase dark web security from Geniosity at a reasonable monthly cost. A large substantial loss can be avoided with dark web security in place.

If you would like to delve deeper into this topic, please feel free to get in touch with us. We are happy to provide useful information for your business and assist you with dark web security.

For more information about dark web scanning, please visit our Dark Web Monitoring page or drop us a line.

Viruses, Ransomware & Phishing, Oh My! Part 2

This is Part 2 of a 3 part series on keeping up with computer threats in the digital age. If you missed the first part, you can read about Viruses, Spyware & Trojans in Part 1.

Ransomware​

Ransomware is something that has been in the news a lot lately. As more of our systems and services have an online component, criminal syndicates are creating ways to take advantage of this for financial gain. A ransomware program has the ability to gain access to a system and spread, it works away in the background of a device and, in essence, can lock you out of your data by encrypting it or even moving it. Often the system will then display a message saying that the data has been locked and that you will need to pay a ransom to have it unlocked.

Ransomware is the number 1 security threat and can be highly profitable for hackers. Ransomware attacks can target individual computer users and small to medium sized businesses but increasingly large corporations and even government services and providers are being attacked. Many of these breaches have made the news lately with high profile providers such as Colonial Petroleum Pipeline and multiple hospitals, having their systems locked. At times the locking of this data can have very serious and even life-threatening consequences.

An attack on your personal system may see a request for a relatively small amount of money in the thousands but some larger targets may be required to pay millions of dollars to retrieve their data. Worryingly ransomware threats are on the increase with some hackers even offering RaaS or Ransomware as a Service where a hacker can provide a system that will take control of the whole process including the requesting of funds.

 

Similar to ransomware is Doxware or Leakware which can infect your system and leverage your sensitive photos or files. It requests a ransom, which if not paid, will see your data shared online.

Ransomware can be hard to protect against with quality antivirus software being an essential first level of protection. As ransomware can be used to remotely lock your system through the use of services like iCloud, good password security is a must. Make sure to use different passwords for each of your logins and change them often. A password manager can assist in remembering all of your passwords with some even notifying you of a breach. Two-factor authentication is another security measure that can help you to stay secure. As companies like Windows and Apple are constantly fixing security vulnerabilities as, they will release system updates which contain ‘patches’ or fixes. Keeping your computer or mobile device up to date is a great general security measure.

Keeping a regular backup that is separate from your main system is also a good option. If your device is infected with ransomware, then you will have a copy of your data to restore. You can regularly backup to your cloud services such as Dropbox, Google Drive and iCloud or use a backup specific program that backups to an external hard drive while you work. A good practice is to have a rotating system of backup drives with one kept offsite. While external hard drives can be infected by ransomware, keeping an offsite drive will minimise this risk.

 

Continue reading this series of 3 articles in Part 3, where we take a look at the threat of Phishing.Â