Warning: Fake Ransomware

Uploaded on 2017-03-02 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

 

UK businesses appear to be over-hastily paying up when confronted with what appears to be crypto-ransomware, according to new data released from Citrix.

The firm polled 500 IT decision makers in firms with 250 or more employees and revealed that nearly 40% had experienced a “bluff” ransomware attack, that is a scam in which the black hat claims to have encrypted the victim’s data but in reality is simply using social engineering to force payment.

What’s more, 60% claimed to have paid up on demand, with the average sum a little over £13,400.

It remains unknow exactly how those duped by the “bluff” ransomware attacks were subsequently able to identify that they’d been scammed “because that isn’t a question that we asked them.”

It’s possible that third party experts were able to confirm this after the event: over half (57%) of affected UK businesses shared that information with the police, 59% with organisations like the National Cyber Security Centre, and 45% with cyber-security initiatives like No More Ransom.

Just 24% of affected firms shared this information with customers, partners and suppliers.

“This research leaves a worrying impression that organizations may be treating ransomware as a cost of doing business, just like shrinkage and fraud in some sectors. Yet this mentality may be resulting in British businesses paying out when it is not necessary, while simultaneously supporting cyber-criminal activity,” argued Citrix chief security architect, Chris Mayers.

“Whether they pay the ransom or not, sharing information on the ‘bluff’ attack is key to ensuring that other organisations do not fall victim to the same scam.”

He added that telling the real from the bluff can be technically challenging, especially as cyber-criminals will often try to scare the victim so they don’t try to bypass the warning screen, for example by saying their files will be deleted if they try to reboot.

Infosecurity Magazine

Ransomware- Practical Advice To Protect & Recover Using Free Tools:

 

« 2016 Healthcare Data Breaches
Computer Says No »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Code Decode Labs

Code Decode Labs

Code Decode Labs provides consulting for IT Technology, Cyber Security, Advanced Defense & Policing Technologies, Intelligent Networks, and Information Security.

Innotec Security

Innotec Security

Innotec Security is a Spanish company specializing in cybersecurity-as-a-service, cyber resilience and cyber risk management.

ThreatSpike Labs

ThreatSpike Labs

ThreatSpike Labs provides the first end-to-end fully managed security service for companies of all sizes.

Information and Communication Technology Authority (ICT Authority) - Kenya

Information and Communication Technology Authority (ICT Authority) - Kenya

The ICT Authority is responsible for enforcing ICT standards in Government and ensuring information security.

Infortec

Infortec

Infortec provide consultancy and solutions for the protection of digital information and the management of computer resources.

CyberASAP

CyberASAP

CyberASAP provides expertise, knowledge and support to convert academic ideas into commercial products in the cyber security space.

MOXFIVE

MOXFIVE

MOXFIVE is a specialized technical advisory firm founded to bring clarity to the complexity of cyber attacks.

InGuardians

InGuardians

InGuardians is an independent information security consulting firm specializing in penetration testing, threat hunting, and hardware hacking.

Argentra

Argentra

Argentra is a specialist engineering company, we have years of experience developing custom security software and providing security risk consulting.

Sikich

Sikich

Sikich LLP is a leading professional services firm specializing in accounting, advisory, technology and managed services.

Cybalt

Cybalt

Cybalt is a security services company that provides end-to-end security solutions to help clients achieve their business goals.

Muscope Cybersecurity

Muscope Cybersecurity

Muscope CYSR platform performs a risk assessment and offers a comprehensive overview of the potential cyber attack risks.

Cognna

Cognna

Cognna's innovative platform is designed to empower you and your team, providing the tools you need to detect, prevent, and resolve threats with ease.

Fivecast

Fivecast

Fivecast is enabling a safer world. We help organizations around the world explore masses of data to uncover actionable insights.

Digital Technologies Group (DTG)

Digital Technologies Group (DTG)

DTG are a digital transformation company helping process organisations embrace smarter manufacturing through the adoption of industry 4.0 technologies and solutions.

TeamSystem

TeamSystem

TeamSystem is a leading tech company in the market for digital business management solutions for companies and professionals.