New Breed of Ransomware is Leaving Skilled IT Admins at the Mercy of End Users
(Tampa Bay, FL) Feb 10, 2014--CryptoLocker is alive and flourishing according to Security Awareness Training company KnowBe4. Complaints of CryptoLocker infections and resulting loss of data is on the rise. The malicious code, also referred to as “ransomware” due to the demand for fees to release captured files, is increasingly causing problems for IT security staff due to variants of the software and making millions of dollars off those targeted.
“We have been getting a lot of system administrators calling us to request security awareness training because their end users have been tricked into opening up attachments of phishing emails and infected their workstations with the CryptoLocker malware,” said Stu Sjouwerman (pronounced “shower-man”), CEO of KnowBe4. “It started last September and is not going away but actually getting worse.”
Typically, the ransomware is spread by a user clicking on a malware laden email attachment such as a fake tracking notice from UPS, Fed Ex, DHL or USPS. A Greenland, NH City Hall lost eight years of records from an employee clicking on a spoofed ATT notice and just recently Goodson Law firm (Charlotte, NC) lost access to all their files when a similar fake ATT voicemail attachment was opened and infected their file server. Although not as frequent, infection can also occur from a malicious website exploit of outdated browser plugins.
This malicious hijacker code detects the personal files of a user and wraps them in strong encryption with a $300 ransom fee to decrypt and a short window of time to pay up. This affects both the local user docs and remote shared folders, encrypting every file with standard Office extensions including images and PDFs.
Sjouwerman recommends IT managers make sure they have an effective working backup. Even with that, system administrators will need to wipe and rebuild or reimage the machine and restore the files, taking an average of 3 hours. If multiple machines are infected, it may take even longer.
According to Sjouwerman, “The need for security awareness training shouldn’t be overlooked. Despite the best efforts of IT and antivirus companies, sometimes the attachments are blocked by existing filters as “possible malware” but users request them to be released and the (outsourced) help desk releases them. Users might not initially admit they opened an attachment saying it it did nothing, until they are locked out of their files and the infection has spread.”
Antivirus companies are furiously working on a way to prevent this from occurring and some are able to block it from running, but the perpetrators are frequently changing the code, making it difficult to eradicate. KnowBe4 recommends its Kevin Mitnick Security Awareness Training 2014 as a solution to educate users how to recognize threats and avoid tricks.
About Kevin Mitnick
Kevin Mitnick is an internationally recognized computer security expert with extensive experience in exposing the vulnerabilities of complex operating systems and telecommunications devices. He gained notoriety as a highly skilled hacker who penetrated some of the most resilient computer systems ever developed. Today, Mitnick is renowned as an information security consultant and speaker, and has authored three books, including The New York Times best seller Ghost in the Wires. His latest endeavor is a collaboration with KnowBe4, LLC.
About Stu Sjouwerman
Stu Sjouwerman is the Founder and CEO of KnowBe4, LLC. An IT Security expert with 30+years in the industry, Sjouwerman (pronounced shower-man) was the co-founder of Inc. 500 company Sunbelt Software, an award-winning anti-malware software developer that was acquired in 2010 by GFI Software, a portfolio company of Insight Partners. Realizing that the end-user is the weak link in IT security and this being seriously neglected, Stu decided to partner with famous former hacker Kevin Mitnick and help IT pros to tackle cybercrime tactics utilizing New School Security Awareness Training combined with regular simulated phishing attacks. Sjouwerman is the author of four IT books, with his latest being Cyberheist: The Biggest Financial Threat Facing American Businesses Since the Meltdown of 2008.
Company Overview: KnowBe4, LLC provides Kevin Mitnick Security Awareness Training to small and medium-sized enterprises, and recently introduced the brand new KnowBe4 Compliance Manager, SaaS that helps IT administrators and Compliance Officers to automate their audit- and compliance workflows, dramatically cutting down audit costs and improving organizational compliance. KnowBe4 services well over 400 customers in a variety of industries, including highly-regulated fields such as banking, finance, healthcare, insurance and high-tech. KnowBe4 expanded with a YoY growth of 427% 2012 – 2013.
