Ransomware Petya in action in east Ukraine (via Liveuamap)
It looks like 2017 truly is becoming the year ransomware went global. Ransomware appeared in 1989 but it was the rise of the internet that really enabled it, while anonymous payment systems like Bitcoin and vulnerability leaks from secret services gave it the final push. The goal of ransomware is simple: it takes something of you, be it your entire computer or (a portion of) your files and makes them inaccessible. Then it charges you for regaining control over your data! Yesterday, the Wallstreet Journal reported on another wave hitting global companies in Europe and the world.
Ransomware is growing like the famously fertile animals. In the last 2 years, over a third of the businesses globally have suffered a ransomware attack, with Forbes reporting that Ransomware attacks are up by a factor of 167! It is hard to miss, considering ransomware news is everywhere. After WannaCry hit the news, yesterday again a wide range of businesses all over the globe was attacked by what has been dubbed Petya. Like WannaCry, it uses an exploit stolen from the NSA, another reminder that the habit of secret services to hoard vulnerabilities rather than help fix them isn’t helping to keep our data secure.
What to do?
Of course, keeping your system up to date to keep it from getting infected in the first place is the minimum you can and should do. That is as true for desktop or mobile devices as it is for servers.
As ransomware typically attacks your data, making sure it is safely backed up somewhere is the first concern. Cloud storage solutions can be part of the solution but you have to be aware that ransomware usually encrypts files, which would be synced by the cloud services. So users need a way to roll back older versions from before the encryption; and the server owner should be diligent in their backup procedures to make sure that if that fails, there are other ways of getting data back.
Future – more targets?
Right now, most ransomware attacks target desktop systems. As it is widely known that mobile devices are far from up to date, it is not inconceivable that they’ll be the next target. Like data on desktops it is important to keep the files on mobile devices secure somewhere.
As a business, it is important to have a sound plan for dealing with ransomware attacks. Instead of putting business critical data in Google Drive or Dropbox, or discover that everything goes through insecure mail attachments ready to be encrypted by ransomware on your employee’s computer, you should build a safe, global cloud strategy with a private cloud like Nextcloud, putting your data under direct control of your IT department and its strict backup and security policies. Be sure you pick a software vendor with good security processes backed by a Security Bug Bounty program so you don’t end up paying with your data. And keep your system up to date and well configured! You can always use our Private Cloud Security Scanner to assess the safety of your system.