Microsoft’s Executive Security Advisor told that the Ransomware saw a 752 per cent increase in 2016
The Japanese anti-virus developer company Trend Micro’s disclosed that there is 752 per cent increase in ransomware. It is a software used by hackers to block data and then demand money to return it. It was revealed in the company’s recent Security Roundup. In 2016, the company has also told about the sudden rise in cyber threats and warned about it. Cyber Criminals using Ransomware to extract money from enterprises were of more popularity.
Recently, Microsoft’s, Executive Security Advisor for the company’s Enterprise Cyber Security Group in the Middle East and Africa, Cyril Voisin, spoke on the same issue. Whilst ransomware isn’t the most popular malware in the region yet, “it is still a source of concern, because the idea that someone can infect your machine, encrypt all your data so you can’t read it, and then ask you for money to unlock it — that is scary,” Voisin told Gulf News. “We have seen victims among consumers — all operating systems, not just Microsoft’s. But, more worryingly — we have also seen it in a hospital abroad,” he added.
In his speech, he cited an example of how Hollywood Presbyterian Medical Centre’s was attacked which made the Hospital pay 40 bitcoin, the cryptocurrency that was worth about $17,000 (Dh62,390) at the time, to recover its patients’ records. Cyril Voisin revealed more details on it at Microsoft’s Think and Act Like a Hacker event at Dubai.
Ransomware is an easy money option for attackers. The Cyber Criminals keep updating ransomwares all the time to make it difficult for antiviruses to detect them. It takes more than 20 minutes for an antivirus to detect such malware, which is enough time given to the malware to perform its task.
He cited some measures which companies should take care to protect its’ data from Ransomware. “It is important to not open attachments that are unsolicited, to not visit malicious websites and to make sure you have a backup,” Voisin said.
Cybersecurity expert, Paula Januszkiewicz said that the biggest concern is the undetectable changes frequently occurring in ransomware. She revealed that it is executed through Windows core services just like PowerShell, which is a tool, network administrators use. A slight redundancy in PowerShell coding can invite the malware. Power Shell is used to encrypt data and ransomware scrambles it to make it useless until you pay the attacker his demand.