Beware new ransomware attack variants .eight, Clop


Cyber-attacks have been the biggest worry in the digital space, with ransomware topping the list globally. The most recent notorious variants are .eight and Clop.

Last year, ransomware attacks increased by 150 per cent from 2019 while ransom payments grew by 200 per cent.

The trend is up this year with multiple high-profile ransomware attacks targeting critical infrastructure such as banks and other businesses, as well as healthcare.

The attacks have grown in sophistication, and ransom demands have grown to tens of millions of dollars (paid in cryptocurrency) for sensitive data held hostage.

Ransomware is malware from cryptovirology that employs encryption to hold a victim’s information to ransom. A user or organisation’s critical data is encrypted so that they cannot access files, databases or applications.

A ransom is then demanded to provide access. A newly discovered crypto-virus variant, .eight, which belongs to the Phobos ransomware family, is capable of targeting almost all servers and PCs running Windows Server operating systems such as Windows Server 2008, 2008 R2 and 2012, as well as the Windows 8 and 10 operating systems.

It encrypts all files, installed programs, software and data. It locks essential data such as documents, PDFs, images, videos and audio using strong cryptography and appends the “.eight” extension to the filename. The data can only be opened with the decryption key or tool kept on the attackers’ server.

The ransomware leaves a ransom note titled “info.txt” on the desktop that has the contact email addresses of the attackers, and a pop-up window demanding a ransom in the form of bitcoin for the attacker to give out the required decryptor.

The price depends on how fast you contact the hackers but ranges between $1,500 and $2,000. They offer to decrypt a few files for free as a demo.

The .eight authors also warn victims not to rename the data or try to access it via third-party software lest it cause permanent data loss or increase the decryption price.

Internet users are advised to always follow best-practice system security measures.

When accessing the web and downloading, installing or upgrading software, take precautions like not opening email attachments and web links or enabling macros from an unknown or untrustworthy account.

In case of an attack, isolate the infected data and use only recommended decryption tools or functions provided by official software developers, not unofficial software update tools.

Install reliable end-point security software, anti-virus or anti-spyware software. Employ a data backup and recovery plan for all critical information. Regularly perform and test backups to limit the impact of data or system loss and expedite recovery.
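As an added illustration (not part of the original report), the Python sketch below does a read-only triage of a folder using the two indicators described above, the “.eight” extension and the “info.txt” note, and reports the oldest encrypted file's timestamp to help choose a backup to restore. The names `triage`, `TriageReport` and `demo` are hypothetical, and it assumes the modification time of a “.eight” file reflects when it was encrypted.

```python
import os, tempfile
from dataclasses import dataclass, field
from datetime import datetime, timezone
from typing import List, Optional

ENCRYPTED_SUFFIX = ".eight"  # extension the article says is appended
NOTE_NAME = "info.txt"       # ransom note name given in the article

@dataclass
class TriageReport:
    encrypted: List[str] = field(default_factory=list)  # paths ending in .eight
    notes: List[str] = field(default_factory=list)      # info.txt candidates (common name)
    earliest_mtime: Optional[float] = None              # oldest .eight timestamp seen

    def restore_before(self) -> Optional[str]:
        """UTC time of the oldest encrypted file; choose a backup older than this."""
        if self.earliest_mtime is None:
            return None
        return datetime.fromtimestamp(self.earliest_mtime, timezone.utc).isoformat()

def triage(root: str) -> TriageReport:
    """Read-only walk: lists and stats files, never opens, renames or deletes."""
    report = TriageReport()
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if name.lower().endswith(ENCRYPTED_SUFFIX):
                report.encrypted.append(path)
                try:
                    mtime = os.stat(path).st_mtime
                except OSError:
                    continue  # still counted as encrypted, but no timestamp
                if report.earliest_mtime is None or mtime < report.earliest_mtime:
                    report.earliest_mtime = mtime
            elif name.lower() == NOTE_NAME:
                report.notes.append(path)
    return report

def demo() -> TriageReport:  # constructed sample tree, not real incident data
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "Desktop"))
        samples = {"Desktop/report.pdf.eight": 1_600_000_500, "Desktop/info.txt": 1_600_000_900,
                   "photo.jpg.eight": 1_600_000_000, "notes.docx": 1_500_000_000}
        for rel, ts in samples.items():
            path = os.path.join(root, *rel.split("/"))
            open(path, "w").close()
            os.utime(path, (ts, ts))
        return triage(root)

if __name__ == "__main__":
    print(demo())
```

Because “info.txt” is a common filename, a hit in `notes` only corroborates a finding when `encrypted` is non-empty.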

Today’s organisations rely on their proprietary data to make critical business decisions, utilising powerful algorithms to derive invaluable insights from the unstructured data they have gathered from customers, researchers and competitors. Protection of such a valuable commodity is critical.

BY DAILY NATION
