The latest explosion in malware is being reported as spreading at an alarming rate with Kapersky Lab reporting more than 45,000 attacks around the world in only a few short hours.
An urgent malware threat is making news today with Kapersky Lab reporting more than 45,000 attacks around the world in only a few short hours. This alarming rate of infection reinforces that ransomware is emerging as one of the major threats of our time and by some reports has grown into a billion dollar business for online thieves.
Gizmodo is updating this page with information on the current threat and information on how its spreading.
This particular ransomware is called WanaCryptor and you can see a map of it spreading in a tweet from Malware Tech:
It functions similar to other ransomware in that it locks down files unless the victim makes a payment. Ransomware infects machines though inadvertent clicks on malware links in phishing emails that pose as legitimate emails.
Protecting your organization from ransomware requires a “defence in depth” strategy that includes everything from user education, layers of firewalls inside and outside the network and anti-malware/virus software on user PC’s.
Today’s world of BYOD and home office make matters more complex, as possible attack vectors increase. However, there are steps that can be taken to help detect when malware has infected a device or and PC and tries to communicate with its command and control software.
There are literally hundreds of combinations of technologies that sophisticated organizations are taking to protect themselves. This isn’t just a big business problem. Hospitals can have patient operations crippled and in the UK this virus has caused them to turn away non-emergency patients. According to one report 70% of small businesses that get hit never end up recovering.
From CIRA’s perspective it is an important reason why we have released the D-Zone DNS Firewall Service for Canadian organizations and businesses. For those interested in a presentation on the firewall and how it works they can book a meeting with our DNS experts from the product landing page.