As reported by Bleeping Computer, a new ransomware called BitPyLock has quickly gone from targeting individual workstations to trying to compromise networks and stealing files before encrypting devices. BitPyLock was first discovered by MalwareHunterTeam on January 9th, 2020 and has since seen a trickle of new victims daily. In this recent version, the actors have changed their targeting to focus on network compromise and the claims of stealing data before encrypting devices.
Data is the new ‘oil’, the most important asset that an organization has, making it a lucrative target for bad actors. The vast majority of high-profile breaches result from the fact that companies are already compromised. A data-centric protection strategy is a foolproof approach to thwarting smash and grab data exfiltration operations.
It starts with deciding what data to retain, followed by protecting it as it is ingested. Encryption at the record level is a data transformation technique that will protect data at all times as long as the key and the data never come together creating a ‘fail-safe’ mechanism.
The next and most difficult step is to share that data responsibly with third parties, using other transformation techniques, like masking and tokenization, will prevent sensitive data from being exfiltrated.
Finally, with new capabilities such as privacy-preserving analytics, it is now possible to process that protected data without compromising privacy.
Ransomware has become one of the most powerful financially driven weapons used by malicious actors, and if companies continue to pay, it will continue to haunt us for a while longer yet. Coupled with extorting data, it’s becoming an epidemic. Companies need to prepare for the worst and simulate an attack such as this to really locate where the vulnerabilities lie.
Losing data to encryption is one thing, but losing it in clear text to the dark web is another level altogether. Encrypting personally identifiable information in business is the best protection on such important data. This will mitigate the risk of it being compromised and exposed online.