Ransomware Attacks Grow with Better Hacker Tools
As little as a few years ago the tools in use were only dreamed about in deploying and loading the ransomware “cannons“. But with the availability of sophisticated hacker tools, especially the ransomware tools on the dark net, anyone can deploy a ransomware attack. Businesses today need a network perimeter security technology to fight the new threats.
James Morrison, a cybercrime specialist with the FBI and a senior computer scientist, spoke at this year’s HPE Discover 2019 annual conference of users and partners in Las Vegas. Morrison said “A couple of years ago it was about 50/50, organized crime versus individuals just out there doing it. But now, we’re seeing a lot of very organized criminal elements operating out of … countries like India, Nigeria and Indonesia.”
From Kiddie Scripts to Ransomware Tools for Hire
Many years ago, hacker tools were integrated into toolkits affectionately called, “Kiddie Scripts” by some, that almost anyone could run to probe and hack their way into systems and networks.
It still took some expertise to use the full palette of tools needed to effectively fully bypass cybersecurity and be invasive.
Entry level tools now can enable anyone with the ability to deploy ransomware.
Morrison indicated, “No longer is it necessary for threat actors to be hacking geniuses; today, all they need is access to the dark web, where they can purchase simple ransomware tools. Combined with a list of email addresses purchased for a few dollars, they can turn a tidy profit if only a small number of targets are duped into clicking on a link.”
With the purchase of a ransomware software license for a month along with 24/7 customer support and anyone can deploy a ransomware attack on 100,000 unsuspecting email users where a fraction may click and yield huge rewards. Even if 5,000 click and 1000 pay the $400 ransom then the cost of the emails and ransomware tool license at around $250 could yield as much as $400,000. It is all about money and organized crime.
Cybercrime is Industrialized
Drew Simonis, deputy CISO for Hewlett Packard Enterprise, described this of cybercrime, which he said is enabled by the “development of complex supply chains and specializations” just like every other industry. Simonis indicated as cybercrime has grown, each area of the cybercrime has become an area of specialization.
Simonis said, “I go out to companies, and I’m still amazed at the number of companies that don’t have some way to detect lateral traffic inside their network. They’re like ‘Yeah, I didn’t even know what happened.’ Ransomware now isn’t just click and hit.’ It’s going to take a week before you even know it’s there if you don’t have some sort of system to detect it. And it’s going to blow up.“
Morrison indicated that due to increased phishing attacks, companies must start deploying intrusion detection systems so they can be aware of what is occurring on their networks. Even though every breach may not be avoided, knowledge of a breach allows a company to respond effectively if they know it is happening.
IT Support services and departments and Managed IT Support companies need to think differently from a couple of years ago and to employ a perimeter-based network security plan.
Crescent IT Systems have been providing IT Managed Services for our clients for over 24 years. As part of our network support recommendations we recommend to our clients to utilize an intrusion detection system as mentioned previously, which is called a Unified Threat Management system (UTM). Information Technology Service companies and Managed IT Service providers must think differently today than a few years ago with a thorough perimeter security plan.
If you have questions or would like to know more on how to protect your computers & network, contact us today and receive a free technical assessment that will find any issues or optimizations to make your IT infrastructure safer, faster and more reliable to avoid downtime.
By Paul Garrison, CEO/Founder Crescent IT Systems