Ransomware Petya in action in east Ukraine (via Liveuamap)
It looks like 2017 truly is becoming the year ransomware went global. Ransomware appeared in 1989 but it was the rise of the internet that really enabled it, while anonymous payment systems like Bitcoin and vulnerability leaks from secret services gave it the final push. The goal of ransomware is simple: it takes something of you, be it your entire computer or (a portion of) your files and makes them inaccessible. Then it charges you for regaining control over your data! Yesterday, the Wallstreet Journal reported on another wave hitting global companies in Europe and the world.
Rabbit growth
Ransomware is growing like the famously fertile animals. In the last 2 years, over a third of the businesses globally have suffered a ransomware attack, with Forbes reporting that Ransomware attacks are up by a factor of 167! It is hard to miss, considering ransomware news is everywhere. After WannaCry hit the news, yesterday again a wide range of businesses all over the globe was attacked by what has been dubbed Petya. Like WannaCry, it uses an exploit stolen from the NSA, another reminder that the habit of secret services to hoard vulnerabilities rather than help fix them isn’t helping to keep our data secure.
What to do?
Of course, keeping your system up to date to keep it from getting infected in the first place is the minimum you can and should do. That is as true for desktop or mobile devices as it is for servers.
As ransomware typically attacks your data, making sure it is safely backed up somewhere is the first concern. Cloud storage solutions can be part of the solution but you have to be aware that ransomware usually encrypts files, which would be synced by the cloud services. So users need a way to roll back older versions from before the encryption; and the server owner should be diligent in their backup procedures to make sure that if that fails, there are other ways of getting data back.
Future – more targets?
Right now, most ransomware attacks target desktop systems. As it is widely known that mobile devices are far from up to date, it is not inconceivable that they’ll be the next target. Like data on desktops it is important to keep the files on mobile devices secure somewhere.
As a business, it is important to have a sound plan for dealing with ransomware attacks. Instead of putting business critical data in Google Drive or Dropbox, or discover that everything goes through insecure mail attachments ready to be encrypted by ransomware on your employee’s computer, you should build a safe, global cloud strategy with a private cloud like Nextcloud, putting your data under direct control of your IT department and its strict backup and security policies. Be sure you pick a software vendor with good security processes backed by a Security Bug Bounty program so you don’t end up paying with your data. And keep your system up to date and well configured! You can always use our Private Cloud Security Scanner to assess the safety of your system.
Retoma el control de tu tiempo con Hub 8: mejoras en todo Hub, nuevas aplicaciones, nuevas funciones de IA, nuevo nivel de rendimiento y comodidad. Descubre la nueva generación de colaboración.
Last year we were joined by Roundcube, the most popular open source webmail client. At the time we promised to invest in the project (interview) and since then we have brought back the mailing lists and accelerating development. And today - we introduce enterprise support for Roundcube!
Guardamos algunas cookies para contar los visitantes y facilitar el uso del sitio. Esto no sale de nuestro servidor y no es para rastrearte personalmente. Consulta nuestra política de privacidad para obtener más información. Personalización
Las cookies estadísticas recopilan información de forma anónima y nos ayudan a comprender cómo utilizan nuestro sitio web nuestros visitantes. Utilizamos Matomo alojado en la nube.
Matomo
_pk_ses*: Cuenta la primera visita del usuario
_pk_id*: Ayuda a no contar dos veces las visitas.
mtm_cookie_consent: Recuerda que el usuario ha dado su consentimiento para almacenar y utilizar cookies.
_pk_ses*: 30 minutos
_pk_id*: 28 días
mtm_cookie_consent: 30 días