ransomware Myrtle Beach

Cerber Ransomware Kicks Into High Gear During Post-Holiday Shopping

ransomware Myrtle BeachAfter a relatively calm period, the researchers at Microsoft are warning that the ransomware known as Cerber has resurfaced stronger than ever. The target audience? Holiday and post-holiday shoppers. It also targets the data files of enterprise businesses.

Most of us are a little more aware of the need for cyber security during the holidays, but the need is equally important after the holidays! The Malware Protection Center at Microsoft has reported that the cyber attackers have amped up their game during this post-holiday season. One reason is the number of online shoppers looking for great deals after Christmas.

Top security researchers are now aware of a couple of new campaigns and spam that pinpoints all the consumer transaction during the post-holiday season. Cerber ransomware is constantly changing, causing user files to be encrypted while holding them for ransom. Just in the last several weeks the authors of Cerber ransomware are now attacking critical applications of major business files.

The newest version of this ransomware has been programmed to target the database files of Microsoft Acess, Oracle and MySQL. It’s not unusual for these files to be shut down as they are encrypted by malware.

As with so many other viruses, attackers are going straight for your inbox and flooding them with malicious links and downloadable attachments. As soon as you click on the link, the virus moves in, installing the ransomware. What’s worse is that it creates what looks like zip files that are password protected. The body of the email often contains the password, making this another huge red flag for malware. It usually states that order and delivery details are in the email.

Vulnerabilities found in previous Adobe Flash websites can also be used to exploit Cerber. If a person happens to be on this site, they will unknowingly download the malware to their computer. What’s more, any information on the version of Cerber ransomware has been scrubbed, which makes it even harder to track.

Unfortunately, an even wider net has been cast by Cerber and it’s now targeting dozens more types of files. Executing .exe, .cmd, and .msi files is now happening for the first time with Cerber ransomware.

Cyber criminals have to constantly be changing and updating their versions of ransomware in order to go undetected by antivirus software programs. Ramping up the malware complexities tells us how determined these criminals are to destroy and attack your personal files. Don’t become a victim—never click on unfamiliar links in your email! Use common sense and close out any ads or emails with suspicious links.

For more information on cyber criminals and how to stay safe from ransomware, call Tech Sentries today! (843) 282-2222.

Ransomware Myrtle Beach

Why Backups Aren’t Enough

Perfect backups will not always prevent the consequences of a ransomware attack, but backing up is vitally important.

Myrtle Beach Ransomware

 

The Problem with Ransomware:

A high-profile ransomware attack hit a well-known transportation agency over a recent holiday weekend.  This attack was a major eye-opening event, to say the least.  For the first time, a major transportation agency has been shut down by a ransomware attack.  To give you a few details, they estimated that approximately 900 of the computers in this agency were affected.  They were using backups and this provided them with the ability to restore data with no intentions of paying the ransom; so one would assume all was well.  Not exactly…

The transportation agency’s use of backups prevented them from losing all their customer and internal data.  The use of a simple backup prevented a major catastrophe for this agency.  Without the backups, they would have been faced with paying the ransom in this case, or been faced with heavy financial losses.  It took approximately 2 to 3 days in order for most of the computers to be restored and the rest followed within the week.  A large portion of their workforce was inaccessible for several days and some parts were down for almost an entire week.

The inability to work and work properly is going to cost any business money and valuable resources.  With the transportation agency’s computers inaccessible, they had to shut down the terminals and payment systems, allowing the public to ride the metro for free.  Many local articles stated that the systems being down was costing the agency $500K for every day that they were down and not working. This ransomware attack cost this transportation agency over a million dollars in the time they were down and not running.  Backing up a system can save data and is very important, but many times it is not quick enough to get you back online without losing valuable time.     

The Solution:

The story of the transportation agency demonstrates the vital importance of prevention when it comes to ransomware attacks.  In order to eliminate this problem before it begins, it’s important to put your emphasis on prevention instead of detection and recovery.  We believe that prevention is the only way to protect your business investment, and that is why we use global application whitelisting. Whitelisting allows you to avoid organized attacks and targeted areas because unknowns are always blocked no matter how new they are.  We have no way of knowing what antivirus protection the agency was using, but even with their backups they suffered huge financials losses due to downtime.

Prevention is key!  If you have any questions about ransomware attacks and how to keep your business protected, please give us a call at 843-282-2222 TODAY!