Err

Enterprise IT Solutions
IT is a science, service is an art
ABOUT OPEN SEAS
EFFICACITY We're Open Seas. A technology consulting firm founded on years of industry experience, strategic vision, and an obsessive commitment to customer service.

Open Seas are specialists in business systems from around the world. As a bridge between customers and suppliers, we aim to find the best technical solutions to meet your business needs. We have the ability to offer software that meets your exact requirements, we offer solutions to best fit your needs.
SIMPLICITY No call centres or telephone mazes. Just simple direct access to people who can actually help you. Our network of suppliers and resellers, backed up by our own team of experts and experience, will help to keep your systems up and running.

With 25 years experience, we ensure your software is valuable to your business
- helping improve performance, efficiency, quality, and of course profitability.
Secure payment methods at Open Seas
Open Seas on Facebook Open Seas on Twitter Open Seas on LinkedIn
CONTACT US
  • Open Seas (UK) Ltd The Old School House, The Causeway, East Hanney Oxfordshire OX12 0JN United Kingdom
  • +44 (0)1235 537391 or USA (650) 590 5448
  • +44 (0)1235 535168
  • info@openseas.co.uk or support@openseas.co.uk
Blog
  Back to Posts

Cyber Criminals and Ransomeware

Cyber Criminals and Ransomeware An interesting blog from our colleagues at Idealstor highlighting the challenge we all face re

combating cyber-criminals involved in ransomware attacks . Particulary relevant to us in the UK following the recent attacks on our National Health Service  :


Picture the following scenario; you have just embarked on a well-deserved holiday to Austria with your significant other, and are about to check into the luxurious 4 star hotel- Romantik Seehotel Jägerwirt. Minutes after checking in, you learn that you are unable to enter your hotel room. The two of you would like to refresh yourselves before enjoying the beautiful lakeside setting along the Alpine Turracher Hohe Pass. It is winter and is therefore absolutely gorgeous! Regardless, you still cannot enter your room to freshen up and get changed. The hotel management informs you that the key card system isn’t working and that you have been locked out of your hotel room. What’s worse is that there’s nothing they can do about it!

With your frustrations building up and your holiday experience just being ruined, you later find out that the hotel’s modern IT system has been hacked by cyber-criminals and that they were holding it ransom. They had agreed to restore the hotel’s systems if just 1,500 EUR (1,272 GBP) in Bitcoin was paid to them.

What you may have realized by now, is that the scenario being described really did occur. It was all the more real for the furious managing director, Christoph Brandstaetter, who told the press "The hotel was totally booked with 180 guests, we had no other choice. Neither police nor insurance would help you in this case.” Hence, it was cheaper and faster for the hotel to just pay the Bitcoin as ransom.

Once the hackers got the money, they unlocked the key registry system and all other computers, enabling the hotel to function as normal again. The case costed the hotel lots of money and perhaps more importantly, it negatively impacted their brand’s reputation in the eyes of their loyal customers.

This is just  one  of many reported cases involving ransomware. A study performed by Symantec between April, 2015 and April, 2016, showcased that it was not only a serious threat to private institutions and national security. It was discerned that end consumers were the most affected victims, accounting to 57% of all attacks, in comparison to enterprises at only 43%.

The various percentages in terms of the nature of businesses that were attacked:

  • Services sector with 38% was by far the most affected
  • Manufacturing at 17%
  • Finance, insurance and real estate with 10% of infections
  • Public administration at 10%
  • Wholesale trade at 9%
  • Transportation, communications and utilities at 7%
  • Retail trade at 4%
  • Construction with 4%
  • Mining, agriculture, forestry and fishing with just 1% of infections


On an international scale, the US was the region most affected by ransomware during the period mentioned, with 28% of all global infections. Canada, Australia, India, Japan, Italy, the UK, Germany, the Netherlands, and Malaysia round out the top 10. The average ransom demand has more than doubled and is now $679, up from $294 at the end of 2015.

Cyber-criminals have introduced many new versions of ransomware, that are now being coded using different programming languages, such as JavaScript, PHP, PowerShell, and Python. These languages are specifically used as an effort to evade detection by the various security products in the market.

A series of more advanced types of ransomware have also begun to worsen the damage done, by going beyond the usual methods of locking devices or encrypting files.

Some of these include:

  • CryptXXX (Trojan.Cryptolocker.AN), which contains an enhanced feature that allows it to gather Bitcoin wallet data and send it to the attackers.
  • Cerber (Trojan.Cryptolocker.AH), which is reportedly capable of adding the infected computer to a botnet which can then be used to carry out distributed denial of service (DDoS) attacks.
  • Chimera (Trojan.Ransomcrypt.V), which makes an additional threat in its ransom message.
  • RaaS (Ransomware-as-a-Service), which allows a larger number of cyber-criminals to acquire their own ransomware, including those with relatively low levels of expertise.


Adoption of these new techniques demonstrate how ransomware is continuously evolving to be more threatening while remaining profitable. Another growing phenomenon that has been witnessed with the increased number of ransomware cases, is the involvement of ‘rogue employees’ in enterprises. Rogue employees tend to have access to sensitive information that belong to enterprises and could use ransomware as a threat to expose, destroy or manipulate this sensitive information. These attacks could cost the organisation millions of dollars in terms of operations and even impact its reputation.


Some enterprises fail to understand how important the information that they hold in their systems really are, until they have faced a ransomware attack themselves. These enterprises should enlist the help of experts in the field of information security services. They can help a business safeguard their information, by engaging the correct balance of experienced professionals and tools for a specific task. Further, the trusted advice of such a service can be relied on, to help a business regain their operations in the event of a ransomware attack.

At Idealstor (founded in 2002 by Nezzen Systems out of Gaithersburg, Maryland), with the many years of experience in providing IT security services to our customers, we have built a pool of highly seasoned information security professionals. While researching and gaining expertise on malware and ransomware related attacks for years, Idealstor's professionals have developed the ‘Flashback Business Continuity and Disaster Recovery’ solution. This solution not only notifies our customers of ransomware infections, but it also allows them to resume operations from a previous backup if attacked. It enables the customer’s operation to functional normally, within minutes, instead of having to deal with downtime and the accompanying loss of productivity. Idealstor has also diversified into cloud based solutions such as Disaster Recovery as a Service (DRaaS). They have the tools and expertise within the cloud, to keep your business data protected, be operational even during a disaster and to ensure that you have peace of mind with demonstrated recoverability. More information relating to Idealstor’s DRaaS backup and recovery products and services can be found at: http://www.idealstor.com/2017/06/25/combating-the-new-age-of-cyber-criminals-involved-in-ransomware-attacks/ 

 



Created On  12 Jun 2017 10:45 in Security SoftwareIdealstor  -  Permalink

Comments

No comments available

Leave a Comment

Comments are moderated, and will not appear on this blog until the author has approved them.
Name and email address are required. The email address will not be displayed with the comment.
Your comment
Name *
Email *
Website URL