In the world of information security and cybercrime, hackers are known to chase certain trends. In the mid-1990s, hackers engaged in cyber vandalism and website defacement to make a name for themselves in the underground. Cracking commercial software and distributing pirated copies gained popularity in the early part of the 21st century; years later, data breaches and identity theft became rampant cybercrime activities.
THE DANGERS OF RANSOMWARE ATTACKS
Over the last couple of years, ransomware attacks have become the latest trend in computer crime, and this is largely because hackers have found ways to instantly monetize these intrusions thanks to the availability of anonymous cryptocurrencies such as Dash and Monero. According to a February 2018 report by Flashpoint Security, there is a worrisome ransomware trend on the rise, and it involves the commercialization of hacking tools.
The latest in ransomware is called GandCrab, and it is part of an exploit kit that hackers have developed and made available on demand. These kits tend to attract individuals who are just getting started in cybercrime; in the case of GandCrab, its developers are offering detailed instructions and even tech support. Buyers can either purchase the exploit kits outright or strike an agreement whereby the GandCrab developers get a cut of the ransom payments made by victims.
PROTECTING LOCAL BUSINESSES FROM HACKERS & MALWARE
Let’s say a law firm in Victorville is targeted by hackers using GandCrab. The initial attack vector may be a Trojan horse email containing malicious executable code that office staff members unknowingly activate. Once GandCrab is active, a software application similar to Windows BitLocker looks for folders and files that it can hold hostage by applying an arbitrary encryption layer. Once this operation is complete, a window is displayed with instructions on how to make a ransom payment, along with a data field that will show the key to unlock the files once the cryptocurrency transfer has been received. The affected files will show a .GDCB extension, and they will be inaccessible until the malware key is granted.
Security researchers following GandCrab have observed another attack method: it also seeks to infect machines that have specific Internet Explorer and Adobe Flash vulnerabilities.
Sonic Systems reminds business owners in the High Desert that the best protection against ransomware attacks is to always have a solid data backup plan in place. Instead of making ransom payments, a network administrator could reformat infected hard drives, reinstall the operating system and restore from a safe backup.
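The sketch below connects the .GDCB marker to the backup advice: it walks a file share, counts files carrying that extension per folder, and uses the earliest one to check whether a given backup predates the encryption. It is an added example, not code from Sonic Systems or any vendor tool; the function names, sample tree and timestamps are constructed, and it assumes a file's modification time approximates when it was encrypted.

```python
import os
import tempfile
from collections import Counter

ENCRYPTED_EXT = ".gdcb"  # extension named in the article; matched case-insensitively


def triage(root):
    """Walk root and summarise files that carry the ransomware extension."""
    by_dir, scanned, earliest = Counter(), 0, None
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            scanned += 1
            if not name.lower().endswith(ENCRYPTED_EXT):
                continue
            try:
                mtime = os.lstat(os.path.join(dirpath, name)).st_mtime
            except OSError:
                continue  # file vanished or is unreadable; leave it out of the report
            by_dir[os.path.relpath(dirpath, root)] += 1
            earliest = mtime if earliest is None else min(earliest, mtime)
    return {"scanned": scanned, "encrypted": sum(by_dir.values()),
            "by_dir": dict(by_dir), "earliest_mtime": earliest}


def backup_is_candidate(backup_taken_at, report):
    """True if the backup (epoch seconds) predates the first encrypted file.

    Assumption: modification time approximates when a file was encrypted.
    """
    first = report["earliest_mtime"]
    return first is None or backup_taken_at < first


def build_sample_tree(root):
    """Constructed sample share: two encrypted files and one untouched file."""
    samples = {"cases/brief.docx.GDCB": 1_520_000_500,
               "cases/notes.txt.gdcb": 1_520_000_100,
               "admin/readme.txt": 1_510_000_000}
    for rel, mtime in samples.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(b"constructed sample data")
        os.utime(path, (mtime, mtime))


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as share:
        build_sample_tree(share)
        report = triage(share)
        print(report)
        print("backup from 1519000000 usable:", backup_is_candidate(1_519_000_000, report))
```

A backup that passes this check is only a candidate for restore; it should still be scanned before it is put back on a rebuilt machine.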