Cybersecurity: Ransomware-resistant

Ransomware is a type of malicious software cyber attackers use to encrypt an organization’s systems or data and extort payment to restore access.

Ransomware attacks are becoming increasingly sophisticated and have gained publicity in recent years, however, it is not an entirely new threat. The first ransomware virus was in the 1990s when Harvard professor Dr. Joseph Popp, a World Health Organization consultant and AIDS researcher, mailed 20,000 informational floppy disks containing ransomware to a group of international conference attendees. The virus encrypted computer files and demanded that the victims send $189 dollars to a physical mailing address. Dr. Popp’s ransomware virus, known as the “AIDS Program,” was the first ransomware attack of its kind.

Since the first ransomware attack in 1990, the disguise of these attacks have become more difficult to detect. A ransomware attack could look as simple as receiving an email masked as a major company such as Amazon or Rogers suggesting your account requires verification. Usually these ‘phishing’ emails include a link which can instantly encrypt your computer. Sometimes it is a fake desktop computer update. In either case, once the link is clicked or the file has been downloaded successfully on a computer, the malware hides and typically instructions are given to the victim to regain access by paying ‘ransom.’

Ransomware attacks are extremely harmful and disruptive to organizations, resulting in financial loss and the permanent loss of sensitive or proprietary information.

Who is at risk?

Studies show that large organizations with the perceived ability to pay millions of dollars in ransom are the largest targets. Technology companies, government agencies and hospitals are also often affected by these types of attacks. However, in recent years small businesses are noticing an increasing number of attacks as well. Unfortunately, no company is completely safe.

RaaS (Ransomware-As-A-Service)

One of the key reasons why ransomware attacks have been on the rise is due to the introduction of RaaS – or, ransomware-as-a-service. With RaaS, the developer crates a strain of ransomware, then licenses it to other cybercriminals for use in their attacks. There are two main benefits to this for hackers:

1. The developer does not need to carry-out attacks, rather they earn money by collecting a percentage of each attack’s revenue
2. Hackers don’t need technical experience – they just need to hire and collect revenue from the attacks they design

So what is the solution? The first step is to evaluate how devices are being managed in your corporation. In a shared device environment, employees take a device with them without having to install software. Even so, by simply browsing websites even they can get infected. Once infected, the infected systems can be sold on hacking forums and the buyer gains access to install ransomware, encrypting the data on the device. Sometimes, the data on the device can get backed up on time. Often though, the data that gets encrypted in these scenarios is lost, even if the company decides to pay the ransom fee. With the M3 Platform – data does not exist on the employee devices. After each use, the data is wiped after being placed back within the kiosk and there is ultimately nothing for hackers to encrypt. This is called ransomware-resistant technology. For companies that manage a fleet of devices, this approach has shown to prove many benefits. If cybersecurity is at stake, consider a unified platform like the M3 Platform to host/secure/manage your fleet of devices.