Expert Comments

BitPyLock Ransomware Now Threatens To Publish Stolen Data

Expert(s): Security Experts
Expert(s): Security Experts

As reported by Bleeping Computer, a new ransomware called BitPyLock has quickly gone from targeting individual workstations to trying to compromise networks and stealing files before encrypting devices. BitPyLock was first discovered by MalwareHunterTeam on January 9th, 2020 and has since seen a trickle of new victims daily. In this recent version, the actors have changed their targeting to focus on network compromise and the claims of stealing data before encrypting devices.

Experts Comments

Dot Your Expert Comments
Ameesh Divatia
January 23, 2020
Co-Founder & CEO
Baffle

Organizations must develop strategies that focus on protecting the data they collect at all times.
Data is the new ‘oil’, the most important asset that an organization has, making it a lucrative target for bad actors. The vast majority of high-profile breaches result from the fact that companies are already compromised. A data-centric protection strategy is a foolproof approach to thwarting smash and grab data exfiltration operations. It starts with deciding what data to retain, followed by protecting it as it is ingested. Encryption at the record level is a data transformation.....Read More
Data is the new ‘oil’, the most important asset that an organization has, making it a lucrative target for bad actors. The vast majority of high-profile breaches result from the fact that companies are already compromised. A data-centric protection strategy is a foolproof approach to thwarting smash and grab data exfiltration operations. It starts with deciding what data to retain, followed by protecting it as it is ingested. Encryption at the record level is a data transformation technique that will protect data at all times as long as the key and the data never come together creating a ‘fail-safe’ mechanism. The next and most difficult step is to share that data responsibly with third parties, using other transformation techniques, like masking and tokenization, will prevent sensitive data from being exfiltrated. Finally, with new capabilities such as privacy-preserving analytics, it is now possible to process that protected data without compromising privacy.  Read Less
Jake Moore
January 22, 2020
Cybersecurity Specialist
ESET

Encrypting personally identifiable information in business is the best protection on such important data.
Ransomware has become one of the most powerful financially driven weapons used by malicious actors, and if companies continue to pay, it will continue to haunt us for a while longer yet. Coupled with extorting data, it’s becoming an epidemic. Companies need to prepare for the worst and simulate an attack such as this to really locate where the vulnerabilities lie. Losing data to encryption is one thing, but losing it in clear text to the dark web is another level altogether. Encrypting.....Read More
Ransomware has become one of the most powerful financially driven weapons used by malicious actors, and if companies continue to pay, it will continue to haunt us for a while longer yet. Coupled with extorting data, it’s becoming an epidemic. Companies need to prepare for the worst and simulate an attack such as this to really locate where the vulnerabilities lie. Losing data to encryption is one thing, but losing it in clear text to the dark web is another level altogether. Encrypting personally identifiable information in business is the best protection on such important data. This will mitigate the risk of it being compromised and exposed online.  Read Less

Dot Your Expert Comments


Only for registered and approved experts. Please register before providing comments. Register here
* By using this form you agree with the storage and handling of your data by this web site.
Submit
0
FacebookTwitterLinkedinWhatsappEmail

You may also like

Fake Netflix App Allows Hackers to Hijack WhatsApp

Hackers Pretend To Be Your Friend In The Latest WhatsApp...

Millions Of Brits Still Using Pet’s Names As Passwords Despite...

Advertised Sites May Appear Genuine On First Glance

Facebook Ran Ads For Malware-ridden ‘Clubhouse for PC’

Linkedin Data Of 500 Million Users Being Sold Online

Experts Comments On Identity Management Day – Tuesday 13th April

Experts Perspectives On Verizon Mobile Sec Index: WFH The New...

What The Govt Is Missing From Its Recent Cybersecurity Improvement...

Experts Insight On CISA Advisory Regarding Attackers Targeting SAP