Pulling the Mask Off Ransomware

Ransomware has gotten so easy, it is scary! Pull the mask off cybercriminal monsters with these tips on identifying and avoiding scams.

As Halloween approaches, kids (and adults) everywhere will be looking for the perfect costumes and masks for their Halloween parties and trick-or-treating adventures. But unfortunately, they’re not the only ones looking for new ways to disguise themselves.

Over the last few years, scammers and cybercriminals have found increasingly powerful and frightening new ways to hide their true intentions from companies around the world. As the tools for fighting cybercrime have become more complex and effective, so have the schemes criminals use to gather your business and customer data.

So, like a certain investigative team travelling around with a big dog in a neon-green bus, we’re here to pull the mask off some of the most recent ways cybercriminals are hiding their methods of attack—and help you identify the best ways to protect yourself and your company.


The Revenge of Ransomware

Ransomware is a form of cyberattack in which hackers encrypt a victim’s data and then require the victim to pay a ransom to get it back. Ransomware has made a frightening resurgence in recent months, with criminals increasingly moving toward using exposed remote access points like Remote Desktop Protocols.

Although credentials for these remote access points can be accessed through either the digital black market or brute-force attacks on your system, hackers are beginning to use anonymous email services as the starting points for their campaigns. This practice is in contrast to the traditional approach, which involves scammers setting up command-and-control servers.

Why is this important? Because many existing methods for hunting down ransomware hackers involve finding these servers. Using anonymous email services means that criminals have found a new way to hide their illegal activities more effectively.


So Easy It’s Scary

In the past, cybercriminals had to follow the same time-tested methods used by anyone who wanted to develop a skill; practice makes perfect. Whatever their preferred method of attack, finding effective ways to navigate around security systems while also avoiding detection required practice and hard work.

But times are changing. Recent investigations have discovered custom-made tools that security experts are calling “ransomware-as-a-service” software. Essentially, these kits allow cybercriminals who don’t have the skills to hack and attack themselves to now pay for access to software that will do the work for them.

This “service” means that more potential criminals than ever have the chance to jump into the game—and that means more potential attacks on your company. Businesses are at greater risks than individuals because they have more resources and more to lose in the event of stolen data. Hackers know they can get bigger paydays from ransoming businesses than individuals.


Pulling Off the Mask

Identifying ransom attacks isn’t always easy, but some common warning signs include extensions of browser plugins (often found in your browser’s toolbar), downloadable multimedia software supposedly required to play a video or audio file, or software shared on peer-to-peer sharing networks. They can even appear as a service claiming to scan and protect your computer from malware.

Avoiding these scams requires making sure your employees are informed about what to click and what not to click, and how to recognize potential scams. Whenever you’re in doubt, confirm the origin of a message independently by searching in a different window to determine if what you’re receiving is legitimate.

Don’t let ransomware criminals spook you this season. Protect yourself and your business from hidden cyberattacks. Contact Securance to learn more.