Blog

What Happens When Ransomware isn’t Really Ransomware

What Happens When Ransomware isn’t Really Ransomware

07/06/2017

Data Security: When Ransomware is actually wiperwareRansomware has been making big headlines recently. The WannaCry ransomware attack knocked out systems all over the world in May. In late June, another massive ransomware attack (called Petya, ExPetr, or NotPetya) hit companies in Europe, taking down major companies like Reckitt Benckiser.

Except this latest ransomware attack wasn’t actually ransomware – it was worse. According to Kaspersky Labs, it was wiperware disguised to look like ransomware.

Wiperware is similar to old school viruses in that it seems to be more about disruption and destruction than extortion or making a profit (like ransomware or phishing). It wipes your files or makes your computer completely unbootable (or both!). It’s nothing new, though more recently, it’s pretty rare to see.

In the case of this attack, victims got a screen with the usual ransomware message: your files are encrypted, pay us a ransom in Bitcoin and you’ll get a decryption key to get your files back. But the files cannot be decrypted, even with payment, says Kaspersky Labs. The email account used by the attackers has also been shut down by the provider.

What can you do to keep safe?

Most malware is spread through malicious links and attachments. Don’t open attachments or click on links in emails from people you don’t know. Even if an email appears to be from someone you do know, err on the side of caution.

A good firewall and monitoring system will go a long way to preventing malicious links from getting it but won’t always catch everything. Hover over links before you click on them to make sure the URL it’s going to is where you think it’s going.

Be cautious with attachments, too. Don’t open attachments you aren’t expecting to get until the person has confirmed it’s real (use a method other than email to confirm – if their email has been compromised, the attacker can just use that to respond to you).

Some of the more recent, high-profile attacks exploit vulnerabilities in operating systems rather than relying on the end user clicking a link or downloading a file. These vulnerabilities have been patched in newer operating systems (and other systems) but aren’t fixed in systems that have reached end of life.

To ensure you stay safe from these kinds of attacks, upgrade your systems before they reach end of life (sometimes called end of service) and install security patches as soon as they’re released.

A good backup system will save you if you do get hit by wiperware (or other forms of malware). The key here is your backups cannot be stored in the same place as the rest of your systems – they aren’t going to do you much good if they get hit, too.

Data security can seem like an expensive headache - but it's nothing compared to what you'll face if you are hit by a malware attack without anything in place to protect you or get you back up and running.

Download the data security self assessment

   

Subscribe to Our Newsletter