Welcome!

Cloud Security Authors: Zakia Bouachraoui, Elizabeth White, Liz McMillan, Pat Romanski, Yeshim Deniz

Related Topics: @CloudExpo, Cloud Security

@CloudExpo: Article

Ransomware Evolution | @CloudExpo #InfoSec #DataCenter #Security

What You Should Know About Ransomware Evolution

Initially, we came across ransomware which exploited the entire system and just restricted you from interacting with your own device, later on requiring you to pay dollars if you want to go back and use your computer.

And then it started becoming obsolete because an end-user. People were asking themselves: “That is my computer, would I pay $100 for it? If I don't really have data, I’d better format my PC and start all over again.” So, that strategy – locking access to computers, started becoming obsolete.  What did the bad guys do?  They realized that the previous strategy was only good when the data that computer was holding was valuable. So they started asking ransom for the data, and that's what they're doing now.

That was the evolution. It's the same thing with the same bad people doing that, evolving over time, and then we get a situation now where the bad guys are looking at the valuable part of the computer, which is the data. And now criminals are going after the computer data. They encrypt the information. They don’t pay attention when you are reaching out to some software tools on your PC. What is important now is that you won’t have the ability to open your files. Now if you need those files, if they are important to you, send money first.

Soб it's been evolving over time. The moment when someone reinvented the whole ransomware strategy and being successful with it, then everybody else in that same black hat industry started to do the same. It moved on progressively from one to the other cyber-criminal.

Encryption is an old tool, It's just putting data into a strong box and protecting it. I get your data, your personal stuff, in my strong box and say: "Hey, I won't give you the combination, just give me the money."  Is that a bad use of a safety locker?  It probably is. Does it mean that the technology is not doing its work? No, it's doing perfectly what it's supposed to be doing. It's a misuse. It's just that the bad guy is using it his way.

If you think that this is bad for the end-user, it's much worse for the corporation because at the end of the day, corporations host a lot of very important data. Private users have family pictures on their hard disk. If they lose them, they would be pained. Five years’ worth of pictures are gone, but ordinary people are not going to pay $3,000 to get those pictures back. But in a corporation, imagine salary data, financial data кthat is completely vital. Corporations need that data. In worse case scenario, if they have no backups, they have no other recourse other than paying. They will pay any sum because it's vital for the continued survival of the company. Much more is involved in a corporate scenario than in a home scenario.

At the end of the day, ransomware is not a very technically complex kind of malware. It's more of a concern because criminals are misusing a technology that is completely normal. We do have a lot of good things going. We have traditional detection. Traditional detection is a baseline. Then we can detect anything that looks vaguely like one of previous ransomware variants, even if it's vague, we can stop it and say: "This looks suspicious, stop that right there." And, more importantly, we have web reputation services, which means that any bad link that we already know of, because it's hosted on a bad IP.

What I might suggest for every person is to maintain a strong backup master plan and strategy. You should address ransomware as any other data corruption. Just as for any possible data loss, you should have a decent backup strategy available. Should you fail to have one, then you are susceptible to data loss. What if tomorrow your light goes off and your hard disk fails? What happens? Are you going to ask for any sort of compensation from the hard disk manufacturer or from the electric company? Maybe you would, but you are still screwed because you don't have your data.

More Stories By David Balaban

David Balaban is a computer security researcher with over 10 years of experience in malware analysis and antivirus software evaluation. David runs the Privacy-PC.com project which presents expert opinions on the contemporary information security matters, including social engineering, penetration testing, threat intelligence, online privacy and white hat hacking. As part of his work at Privacy-PC, Mr. Balaban has interviewed such security celebrities as Dave Kennedy, Jay Jacobs and Robert David Steele to get firsthand perspectives on hot InfoSec issues. David has a strong malware troubleshooting background, with the recent focus on ransomware countermeasures.

IoT & Smart Cities Stories
The challenges of aggregating data from consumer-oriented devices, such as wearable technologies and smart thermostats, are fairly well-understood. However, there are a new set of challenges for IoT devices that generate megabytes or gigabytes of data per second. Certainly, the infrastructure will have to change, as those volumes of data will likely overwhelm the available bandwidth for aggregating the data into a central repository. Ochandarena discusses a whole new way to think about your next...
CloudEXPO | DevOpsSUMMIT | DXWorldEXPO are the world's most influential, independent events where Cloud Computing was coined and where technology buyers and vendors meet to experience and discuss the big picture of Digital Transformation and all of the strategies, tactics, and tools they need to realize their goals. Sponsors of DXWorldEXPO | CloudEXPO benefit from unmatched branding, profile building and lead generation opportunities.
All in Mobile is a place where we continually maximize their impact by fostering understanding, empathy, insights, creativity and joy. They believe that a truly useful and desirable mobile app doesn't need the brightest idea or the most advanced technology. A great product begins with understanding people. It's easy to think that customers will love your app, but can you justify it? They make sure your final app is something that users truly want and need. The only way to do this is by ...
Digital Transformation and Disruption, Amazon Style - What You Can Learn. Chris Kocher is a co-founder of Grey Heron, a management and strategic marketing consulting firm. He has 25+ years in both strategic and hands-on operating experience helping executives and investors build revenues and shareholder value. He has consulted with over 130 companies on innovating with new business models, product strategies and monetization. Chris has held management positions at HP and Symantec in addition to ...
DXWorldEXPO LLC announced today that Big Data Federation to Exhibit at the 22nd International CloudEXPO, colocated with DevOpsSUMMIT and DXWorldEXPO, November 12-13, 2018 in New York City. Big Data Federation, Inc. develops and applies artificial intelligence to predict financial and economic events that matter. The company uncovers patterns and precise drivers of performance and outcomes with the aid of machine-learning algorithms, big data, and fundamental analysis. Their products are deployed...
Dynatrace is an application performance management software company with products for the information technology departments and digital business owners of medium and large businesses. Building the Future of Monitoring with Artificial Intelligence. Today we can collect lots and lots of performance data. We build beautiful dashboards and even have fancy query languages to access and transform the data. Still performance data is a secret language only a couple of people understand. The more busine...
Cell networks have the advantage of long-range communications, reaching an estimated 90% of the world. But cell networks such as 2G, 3G and LTE consume lots of power and were designed for connecting people. They are not optimized for low- or battery-powered devices or for IoT applications with infrequently transmitted data. Cell IoT modules that support narrow-band IoT and 4G cell networks will enable cell connectivity, device management, and app enablement for low-power wide-area network IoT. B...
The hierarchical architecture that distributes "compute" within the network specially at the edge can enable new services by harnessing emerging technologies. But Edge-Compute comes at increased cost that needs to be managed and potentially augmented by creative architecture solutions as there will always a catching-up with the capacity demands. Processing power in smartphones has enhanced YoY and there is increasingly spare compute capacity that can be potentially pooled. Uber has successfully ...
SYS-CON Events announced today that CrowdReviews.com has been named “Media Sponsor” of SYS-CON's 22nd International Cloud Expo, which will take place on June 5–7, 2018, at the Javits Center in New York City, NY. CrowdReviews.com is a transparent online platform for determining which products and services are the best based on the opinion of the crowd. The crowd consists of Internet users that have experienced products and services first-hand and have an interest in letting other potential buye...
When talking IoT we often focus on the devices, the sensors, the hardware itself. The new smart appliances, the new smart or self-driving cars (which are amalgamations of many ‘things'). When we are looking at the world of IoT, we should take a step back, look at the big picture. What value are these devices providing. IoT is not about the devices, its about the data consumed and generated. The devices are tools, mechanisms, conduits. This paper discusses the considerations when dealing with the...