INSIGHT: When Breaking Bad ransomware, don’t fall prey
- 19 May, 2015 05:31
There are various ways that hackers make money.
Extortion is one way and it’s on the rise – we hear plenty of stories about large banks giving up huge sums to keep the bad guys from distributing customer data or causing other damage.
Ransomware is a relatively new form of this same tactic and Breaking Bad is its latest example. With Ransomware, malicious code locks up data and the hacker will only decrypt it once the victim has paid up.
Breaking Bad, named after the popular TV series, has so far been largely at work in Australia where it demands A$1,000 from those who fall prey. Like all malware, it is sure to spread and mutate.
Breaking Bad Ransomware is aimed at consumers, as it locks down photos, documents and video. In the case of photos, many of these are precious to the victim, and because they are digital, there are rarely any hard copies available and the price to pay, while steep, may be worth it for end users to salvage their data.
Here is what the ransom note looks like:
But Breaking Bad is certainly not an original idea. Earlier iterations of the same idea include last year’s Cryptolocker, which not only encrypts data, but can also steal and use credit card numbers.
Cryptolocker takes over computers, encrypts the data, and only releases it once around US$650 is paid via Bitcoin. It ended up striking some quarter of a million machines.
The threat from these types of exploits is rising, and the threat depends largely on who you are.
On the IT side, there are two tiers. Computer pros with less experience are afraid these malicious applications will cost their organisations millions from extortion or pure theft, but don’t really know what to do.
True security pros know enough to block or mitigate the attacks, but consumers and small to medium sized organisations are often ill-prepared.
Regardless of your skill level, you don’t have to fall victim to ransomware and the answer is a combination of great security practices and powerful security software.
Make sure all your software, including anti-virus, is patched and up to data. Make sure your AV protection is frequently updated to spot new threats and doesn’t rely on just one AV engine.
If you want to protect your business, you will need a security tool that offers maximum protection through support for multiple AV engines such as BitDefender, VIPRE, Kaspersky, McAfee and Avira.
Leading tools are also capable of monitoring all the content coming into your emails server and block malicious attachments before they reach your users.
You may want to implement the following seven tips:
1. Train your workforce not to open attachments from untrusted sources
2. Back up your data so that if it is encrypted you have a spare copy
3. Regularly test your backups and check you can restore data
4. Block users from downloading .EXE files
5. Make sure your anti-malware is up to date
6. Employ multiple AV scanning engines
7. Regularly patch all your software
Follow these steps and you will stop up to 99.9% of the spam that carries malware such as Breaking Bad. You will also minimise the chance that any malware that does get through is executed by users.
And, if all else fails, at least you’ll have a working backup.
By Doug Barney - GFI Software