Ransomware Spreads Like A Virus In The Cloud
(Stu Siouweman @ CyberHeist) An obscure 2-year old ransomware strain called Virlock has a nasty feature: it is capable of stealthily spreading itself via cloud storage and collaboration apps. That way just one infected user can unknowingly spread the infection further across your network, Netskope researchers discovered. Virlock is borrowing from a wide range of threat techniques. How does it work? Ransomware normally spreads through email phishing attacks, exploit kits, removable drives or external network shares. However, Virlock is a weird family of ransomware that not only encrypts files but also converts them into a polymorphic file infector just like a virus. Apart from infecting the usual documents and image related files, it also infects binary files. Yikes. Virlock has effectively weaponized every data file it encrypts, converting each one into a propagation vehicle for the malware itself. Read the whole story at the KnowBe4 Blog with links, a bunch of screenshots, schematics and how to mitigate if you get hit with this, because there is one silver lining that you need to know about: |
Ransomware's Greatest Adversary: Employee Cyber Awareness |
October is National Cyber Security Awareness Month, a great opportunity to strengthen your human firewall in the war against this ransomware epidemic. Here are two great bits of ammo if you need to get budget for IT security. First is an article that explains how ransomware causes downtime for sometimes a whole organization and how to boost cyber security awareness. I suggest you send this to the powers that be and cc HR while you are at it. This was written by a large insurance / reinsurance company: Next, the DHS site has lots of tools, hints and themes you can use. In their words: "October is National Cyber Security Awareness Month which is an annual campaign to raise awareness about cybersecurity. We live in a world that is more connected than ever before. The Internet touches almost all aspects of everyone’s daily life, whether we realize it or not. National Cyber Security Awareness Month (NCSAM) is designed to engage and educate public and private sector partners through events and initiatives to raise awareness about cybersecurity, provide them with tools and resources needed to stay safe online, and increase the resiliency of the Nation in the event of a cyber incident: |
- Printer-friendly version
- Log in to post comments
- 2643 reads