Ransomware is a continually growing threat to IT network security, with more attacks happening every year. In 2017, these attacks have presented even more challenges since the technology behind them has become more sophisticated.
Smarter and more damaging threats that can bypass network security in new ways have caused thousands of ransomware infections and cost businesses hundreds of thousands of dollars in comparison to 2016. In all cases, the solution is often working with network services who can maintain complete and up-to-date security for your business network.
2017 - A New Generation of Ransomware
Until recently, most ransomware was spread by email or certain other ways computers receive infected file downloads. These files were extracted from and affected each specific computer or network, demanding a ransom in exchange for a decryption code to unlock encrypted data. While this type of attack suggests questionable network security, attacks were at least contained within the individual system that was infected.
The appearance of the WannaCry ransomware worm changed this, bypassing IT network security in new ways. This malware was self-propagating, meaning it was able to install itself on a vulnerable computer, then spread throughout an entire network. It could also spread through internet connections by scanning for other vulnerable systems it had already encrypted.
This behavior, completely different than that displayed by any previously known ransomware, changed the entire landscape of cyber threats and the need for up-to-date security and secure network services.
2017 - WannaCry and Petya
The WannaCry ransomware worm exploited a network security vulnerability in the Microsoft Windows OS that affected the implementation of the SMB. This vulnerability, called “Eternal Blue,” enabled the software to install itself, then go looking for other computers that had the same OS vulnerability. Microsoft had actually become aware of the vulnerability beforehand and issued a patch two months before the WannaCry attack.
Despite this, WannaCry was able to do considerable damage attacking business computers in the healthcare industry because these systems had yet to have the Eternal Blue patch installed as part of their essential network services. The attack affected thousands of networks globally. It was a perfect example of how IT network security is only as safe as the security methods currently being employed.
Only six weeks after WannaCry’s devastating attacks, Petya struck. This ransomware utilized the very same Eternal Blue vulnerability along with some other SMB techniques that allowed it to spread even to those systems that had received the Eternal Blue patch.
Based on these two ransomware attacks and how Petya built on vulnerabilities that WannaCry had already exploited, experts in network security and security have come to a conclusion. Many believe this could just be the beginning of a new breed of ransomware that is more difficult to contain and control. The idea of self-propagating ransomware spreading on its own stresses the importance that your business have up-to-date IT network security.
As these threats continue to develop and emerge in the future, your only option to staying one step ahead is working with network services that can ensure your security using advanced and up-to-date techniques!
