New Ransomware Threat Hitting US Businesses
On September 19th, Barracuda announced that they have been tracking an “aggressive” new ransomware threat. The ransomware attack appears to have originated largely in Vietnam, although other sources have been traced back to India, Columbia, Turkey, and Greece.
This latest attack, following right on the heels of WannaCry and Petya, has been identified by Barracuda researchers as a Locky variant with a single identifier. The significance of the single identifier is worth noting: since there are no unique identifiers for each victim, it’s impossible for the attackers to determine who has paid a ransom and who hasn’t. This indicates that the criminals have no intention of sending decryption keys to the victims who pay the ransom.
This threat should not be ignored. Barracuda monitored over 20 million attempted attacks within the first 24 hours of identifying the threat, and that number has been growing steadily since.
We’ve already seen a few businesses in Omaha affected by this attack, so we wanted to remind everyone of the importance of a reliable, robust data backup system.
Here’s what you need to know:
These ransomware attacks are mainly coming through via email.
Current reports show that these attacks are coming in the form of spoof emails, usually branded with “Herbalife” logos or disguised as a “copier” file delivery. Though cybersecurity experts are working to stop this attack, the attackers are using randomly-generated payload files to stay ahead of anti-virus updates.
- The latest variants include:
Email with ‘Emailing – .’ as the subject line. One example is: ‘Emailing — 10008009158.’
- Email with a paragraph with legal wording to make the email seem legitimate.
- Email with “payment is attached” in the subject line to entice people to click on it.
While some businesses are losing days of productivity due to encrypted workstations and servers, our clients who have chosen to protect their data and infrastructure with a reliable backup and business continuity solution are experiencing ZERO downtime. A proper business continuity strategy makes all the difference in these situations, and Datto has proven an essential part of such a strategy.
These unfortunate attacks are becoming more frequent and more difficult to contain. If your business hasn’t already been targeted, we urge you to consider the value of your data and the importance of your network’s integrity. Can you afford to lose days or weeks to a ransomware attack?
You don’t have to.
If you have any questions about this latest ransomware attack or would like to know more about business continuity solutions, InfiNet Solutions offers complete business continuity and cybersecurity experts at (402) 895- or firstname.lastname@example.org.