Due to Covid-19, a new kind of “double” ransomware attack has appeared, in which cyber criminals seek to make sure their victims pay up, by infiltrating a victim’s data from the hospitals or other organizations before making threats about “leaking it”, unless ransom demands are met.
“Double extortion is a clear and growing ransomware attack trend,” said Check Point threat intelligence manager Lotem Finkelsteen. “We saw a lot of this during Q1 2020. With this tactic, threat actors corner their victims even further by dripping sensitive information into the darkest places in the web to add weight to their ransom demands…”
“We are especially worried about hospitals having to face this threat. With their focus on coronavirus patients, addressing a double extortion ransomware attack would be very difficult. We are issuing a caution to hospitals and large organizations, urging them to back up their data and educate their staff about the risks of malware-spiked emails.”
[To read more about ransomware: The Benefits of a Local Center, and in Puerto Rico, For Your Businness]
The fight against ransomware is endless, but fortunately, it doesn’t mean you can’t avoid it with these easy steps:
- Backing up all organization’s physical data using air-gapped storage where possible, while the digital data were “moved” to a powerful Cloud.
- Educating and preparing employees in how to spot spam and phishing emails*.
- Maintaining up-to-date signature-based protections.
- And much more.
How to protect yourself:
PR Computers (PRC) includes a powerful security and risk management, when the traditional network solutions can’t address many of the highly sophisticated attacks, like the “double-extortion”.
PRC has the capacity against strong ransomware attacks, by using advanced detection and mitigation techniques, security intelligence, threat hunting, dynamic learning, virtual patching and granular attack visibility, your applications and web servers are secured against application specific and powerful attacks, DDoS, data theft and fraud.
Remember, during these difficult times caused by the pandemic coronavirus, is the perfect timing for cyber criminals to attack vulnerable people. That means, it’s also the moment to protect your business against these threats and the ones to come.
*Phishing is one the most common fraudulent attempt to obtain sensitive information such as usernames, passwords and credit cards information by disguising as a trustworthy entity, normally through e-mails.