for the infected party asking them to download a Tor browser and go to a defined address and follow the instructions on the site. The current ransom amount seen so far has been 0.49 Bitcoin (which is roughly $2,080 USD) for you to get a key to unlock your files. At this time all attempts to use other methods to decrypt the files have been unsuccessful; so PLEASE we urge you to info your team members to use extra precautions when opening MS Word attachments.
If you think this bad boy is trouble, this next ransomware is a new strain of the Mamba, which utilizes the the open source Windows disk encryption utility, DiskCryptor and this one doesn’t just encrypt your files, no it encrypts your entire hard disk. This past Thanksgiving, San Francisco’s MUNI ( Minicipal Transportation Agency) systems were infected, in turn causing major delays during an already intense travel weekend; in turn forcing the officials to shut down the ticketing kiosks and entry gates at several stations. To this day it is quite unclear how the ransomware initially finds its way into a corporate network, researchers believe like most ransomware variants, Mamba might be using either an exploit kit on compromised or malicious sites or malicious attachments sent via an email.
The ransom note does not immediately demand money, rather the message displayed on the infected screen only claims that the victim’s hard drive has been encrypted and offers two email addresses and a unique ID number to recover the key.
In the last few years, Ransomware has climbed to the up the cyber threat charts to become one of the largest threats faced by any computer user (personal and business), the attacks have increased in the last few months.
You’re probably asking, “What do we need to do to keep ourselves safe? and the answer is although at this moment there is still no fool-proof method to fully protect yourself from these threats there are some preventative actions that may be taken.
Ensure that your system is properly patched and that your current Antivirus is up-to-date: It is imperative to stay on top of these two. Another tip is to run regular scans of the system to ensure that nothing has infected your workstation or server.
Educate yourself and your end users on phishing emails: Alway be on the look out and hypervigilant when you receive an attachment that is out of the ordinary. Be cautious to not open a link within an emailed document, without verifying with the sender and or your IT Department or IT Services Provider.
Perform regular backups: You need to keep a good backup of all critical files and data. Ensure that your backup solution incorporates copies of data to external or remote media that is not always connected to your server or PC.
There’s no excuse today for SMBs to leave themselves unnecessarily at risk of a cyber-attack. With the right investments, a proper appraisal of your risks, and some good old-fashioned common sense, it’s a straightforward task to keep your SMB as safe as it can be.
Want to know how your business measures up in today’s world of cyber-threats?
Contact us today at 954-908-3600 about our Cyber Security Assessments, one of our skilled Network Security Experts can work with you to determine your current risk levels and establish an action plan to mitigate any threats.