Ris GroupRis GroupRis GroupRis Group
  • Home
  • Consulting
    • Incident Response
    • Cloud Consulting
    • Cyber Risk Assessment
    • Penetration Testing
    • Application Development and Management Solution
  • Compliance
    • DFARS 7012 & NIST SP 800-171
    • PCI DSS Compliance
    • FISMA | GBLA | SOX
  • About Us
  • Why Us
    • Our Focus
    • Our Experience
    • Customer Support
  • Cyber Security Training
  • Contact Us

Ransomware & What You Need to Know!

    Home Uncategorized Ransomware & What You Need to Know!
    Previous

    Ransomware & What You Need to Know!

    By Admin | Uncategorized | Comments are Closed | 6 August, 2017 | 0

    The major ransomware attack spread across the world in this past June and struck against large pharmaceutical companies, Kiev metro, an airport, banks, Chernobyl radiation detection systems, the hospitals and government agencies. This ransomware that was behind the cyber attack was known as WannaCryptor, also called as WannaCrypt or WannaCry.malware. It is fair to say that these advanced attackers can be expected to attack with  new kind of  ransomware tactics, whose implications  on organizations will be remarkable if practical and innovative measures are not put in place.

    Below are some of the things to know about ransomware:

    1. What is ransomware? Ransomware is a type of malicious malware that block access to files and data on devices such as computer, tablets or smartphone and there will be a demand or ransom to unlock it. In the case of the Petya ransomware, the malicious software spread rapidly across the organization once a computer is infected using the EternalBlue vulnerability in Microsoft Windows. These malicious ransomware uses an asymmetric encryption algorithm, which controls a public and private pair of keys. When the data is encrypted with the public key, it can only be unlocked by the other matching private key and vice versa.
    2. Should victims pay cyber ransoms? Victims are always advised never to pay the ransom as it encourages the attackers. This is because there is no guarantee that the encrypted files or data will be returned after payment of ransom. Instead, restore all files from a backup.
    3. How much do hacker typical take as ransom?Payment are demanded and made via Bitcoin. This is a digital currency which is popular among cybercriminals because it is decentralized, unregulated and practically impossible to trace. The ransom for such attacks usually range between 0.3 and 1 Bitcoins which is between $300 to $600 to unlock the files. It may seem like a small amount, but these attacks are often distributed widely and the ransom payments adds up.
    4. How to mitigate the ransomware attacks. The best to mitigate against ransomware attacks is to ensure that all files are backed up in a complete separate system. This means that if an organization suffer an attack valuable information will not be lost to hackers.  According to the U.K. National Cyber Security Center, all computer emergency response teams and security experts, businesses and all the organizations worldwide need to ensure that the following five mitigation strategies are in place:
    • Install MS17-010: Install the MS17-010 fixand all available OS updates issued by Microsoft in March 2017 to prevent getting exploited by the MS17-010 vulnerability. Any systems running a Windows version that did not receive a patch should be removed from all networks.
    • Install emergency Windows patch: Microsoft has issued one-off security fixes for three operating systems that it no longer supports: Windows XP, Windows Server 2003 and Windows 8.
    • Disable SMBv1: If it is not possible to apply either patch, disable SMBv1. Refer to guidance from Microsoft for doing so.
    •  Block SMBv1: Block SMBv1 ports on network devices – UDP 137, 138 and TCP 139, 445.
    •  Shut down: If none of the above options are available, shut down your computer. This can be prevented by shutting down vulnerable systems.
    No tags.

    Admin

    More posts by Admin

    Related Post

    • The Indispensability in Cloud Computing

      By Admin | Comments are Closed

      Cloud computing is one of the latest trends in technology development. It’s been used for decades but its performance and service now in 2017 is indispensable. Every business requires a huge storage space whether smallRead more

    • The Risk Management Approach

      By Admin | Comments are Closed

      The NIST 800 Series are documents that defines the United States federal government and how to implement their security policies, procedures and guidelines. The National Institute of Standards and Technology is known to be aRead more

    • Cybersecurity awareness, the best Investment

      By Admin | Comments are Closed

      The kind of sophistication applied to cyber attacks these days by hackers reveals how there is the general lack of cybersecurity readiness in organizations. Most of the sources of the cyber threats are not technological issuesRead more

    • GBLA Compliance and Information Security

      By Admin | Comments are Closed

      The  massive hack of JPMorgan Chase and other banks shows how huge the apetite of cybercriminals for financial data .Such breaches usually result in  massive damage can cause a business as such to  incur (JPMorgan Chase attackRead more

    Previous

    Recent Posts

    • Ransomware & What You Need to Know!

      The major ransomware attack spread across the world in this past June

      6 August, 2017
    • GBLA Compliance and Information Security

      The  massive hack of JPMorgan Chase and other banks shows how huge the apetite

      24 July, 2017
    • Cybersecurity awareness, the best Investment

      The kind of sophistication applied to cyber attacks these days by hackers

      24 July, 2017
    • The Risk Management Approach

      The NIST 800 Series are documents that defines the United States federal

      24 July, 2017
    • The Indispensability in Cloud Computing

      Cloud computing is one of the latest trends in technology development. It’s

      24 July, 2017

    Archives

    • August 2017
    • July 2017

    Follow Us

    About Us

    RIS Group is a leader in cybersecurity solutions that help organizations whether small, medium or large to reduce the risk of cyber breaches and demonstrate compliance. We are best in tightly integrating and automating all eight critical IT GRC components: Risk Management, Compliance Management, Audit Management, Vendor Management, Incident Response Management, Vulnerability Management and Policy Management.

    Read More

    Recent Posts

    • Ransomware & What You Need to Know! August 6, 2017
    • GBLA Compliance and Information Security July 24, 2017
    • Cybersecurity awareness, the best Investment July 24, 2017

    Contact Us

    Address:

    5900 Balcones Dr, Suite 8157 Austin Texas 78731

    Phone:

    281-803-8431

    Fax:

    (855) 544-8747

    Email:

    info@risgroup.org

    NAICS Codes

    541511 541512
    541619 541618
    324110 541611


    DUNS: 080764941
    CAGE Code: 7WVL6
    EIN: 821944210

    ©2022 Ris Group. All Rights Reserved
    • Home
    • Consulting
      • Incident Response
      • Cloud Consulting
      • Cyber Risk Assessment
      • Penetration Testing
      • Application Development and Management Solution
    • Compliance
      • DFARS 7012 & NIST SP 800-171
      • PCI DSS Compliance
      • FISMA | GBLA | SOX
    • About Us
    • Why Us
      • Our Focus
      • Our Experience
      • Customer Support
    • Cyber Security Training
    • Contact Us
    Ris Group