A new strain of malware has been spotted on the dark web that is up for sale for less than $50 for a lifetime licence. The ransomware, named Stampado, gives victims 96 hours to pay the ransom before it starts randomly deleting files from their PC. Security experts provide an insight on this ransomware below.
Wieland Alge, VP and GM EMEA at Barracuda Networks:
“The rise of cheap and accessible ransomware like the Stampado variant is an indication of an accelerating evolution of the threat landscape. It is the direct result of the digital transformation of crime. However, being successful at spreading ransomware does require a very broad set of criminal skills, including blackmailing, negotiation, money laundering and the ability to digest monetary success.
“Simply put, organisations have to adapt to the growing threat of ransomware by deploying a more comprehensive approach to protect their digital assets and communications. For example, ransomware is a good example of how a well-deployed backup process can play a decisive role in limiting the damage of cyber attacks, not just malfunctioning equipment.
“Malicious emails are getting more sophisticated and more targeted, making it easier for employees to be tricked into clicking on a suspicious link. It only takes one person clicking on the wrong link or opening the wrong attachment to give ransomware the opportunity it needs to infect a whole system. Next generation firewalls, email security and backup can provide what’s known as the “secure trinity”, not just against ransomware, but also against the next waves of digital crime.”
Ryan O’Leary, VP Threat Research Centre at WhiteHat Security:
“Ransomware is the new phishing attack. It’s a quick and easy win for bad guys that more than likely haven’t even breached your network. But the threat of bad press, reputat
ion damage and fleeing customers is enough to incentivise companies to pay the ransom. This has caused a huge spike in ransomware threats, which in turn has stirred up a media frenzy. The bad guys aren’t dumb. They realise that there is this paranoia and fear, so it’s really easy to send an email saying “Send me 10 bitcoins or else”, and inevitably a few will actually cough up.
“Ransomware is just one specific attack scenario and companies need to protect against ALL threats, not simply focus on a single issue. By performing a full vulnerability assessment and fixing the issues, you can protect your company from a far larger threat landscape. If 90% of your fence has already fallen over, what’s the use in trying to fix a hole in the 10% that’s left up? You need to protect against all threats, not one specific one.
“For the companies that are truly concerned about ransomware, in addition to vulnerability assessments, they can follow some easy industry best practices. Simply backing up your data and using up-to-date encryption will negate a lot of the risk of ransomware.”
Tony Martin, UK & IE Managing Director at Falconstor:
“Cheap ransomware is likely to cause a headache for both organisations and the public sector. Attackers commonly target both personal and business email accounts and because of this the chances of an attack being successful are greatly improved. As well as training staff not to click suspicious looking links, organisations need to deploy disaster recovery solutions with snapshot technology, so that if the worst does happen, data can be restored in a timely fashion. Lincolnshire County Council avoided paying a ransom earlier this year and regained its data by having a disaster recovery solution in place. This is a great example of how organisations and the public sector can mitigate this risk with the correct solution.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.