Ransomware attacks have been on the rise in August, with at least three different types of viruses infecting victims in the U.S. and the U.K. These ransomware campaigns are targeting individuals and organizations in the manufacturing and healthcare sectors.
The IRS recently issued a warning about a new ransomware scam that is targeting taxpayers. The new scam is sent to taxpayers via an email that includes emblems from the IRS and the FBI, making it appear to be official correspondence. The email tells recipients that they are required to fill out a questionnaire from the FBI, and they can do so by clicking on a link in the email. The wording of the email implies that this questionnaire is required due to new tax regulations. In actuality, these new regulations don’t exist. When the recipient clicks on the link to the questionnaire, a ransomware virus is downloaded onto their device. The virus then locks the user out of the files on their device, and demands payment for a decryption key.
Across the Atlantic, another ransomware campaign hit hospitals in the UK. On August 22, NHS Lanarkshire, a Scottish health board, was infected by a new variation of the Bitpaymer ransomware. Bitpaymer asks the victim for 53 Bitcoins in return for a decryption key, but security researchers say that the files can’t be restored even with the key. This isn’t the first time NHS Lanarkshire has had its operations halted by ransomware. Back in May, the healthcare organization was also a victim of the WannaCry malware.
Another ransomware virus, Defray, was recently uncovered by security researchers. The ransomware campaign used a phishing email with a malicious Microsoft Word file to infect victims. The Word file contained an embedded executable and an OLE packager shell object, and the phishing emails were specifically tailored for the victims. The cyber attackers behind this ransomware demanded $5,000 in payment for the encryption key, but also offered the victims an option to negotiate on the ransom via email. Defray was discovered in early August when it was attacking manufacturing and technology verticals in the U.K. The ransomware campaign has also spread to organizations in the U.S.
As ransomware attacks continue through 2017, it would benefit companies to have Endpoint Management Software in place to monitor for cyberthreats. Below are five steps companies can take to keep their data secure from a ransomware attack:
Endpoint Security software can help IT departments track what’s running on their networks, and find any gaps in security. By monitoring networks for threats and immediately remediating security gaps with endpoint security software, companies can prevent a ransomware attack from compromising important files and disrupting daily operations.