GoDubai
  
  
  
  
Citylife > Press Release
  Home Contact us Add to Favourites
Most Recent Postings
More Press Releses
Featured Sections

Event Finder
A daily roundup of exhibitions, promotions and other events in Dubai and the rest of the Emirates.
Submit an Event
Latest Dubai Press Releases >> Technology

 
  Share

By Alastair Paterson, CEO and Co-Founder of Digital Shadows

Dubai, UAE, September 23, 2017:  If you're familiar with mafia movies then you're familiar with extortion – the practice of obtaining something, especially money, through force or threats. Extortion has been around for centuries – well before “The Godfather” or “Goodfellas.” Even cyber extortion, which extends this criminal activity into the digital world, isn't new. What is new, however, is the wide variety of methods that are used by the bad guys to get their money. 

Three main tactics are behind cyber extortion: the threat of distributed denial of service (DDoS), the threat of data compromise and ransomware. DDoS attacks are one of the most popular means to facilitate extortion. These types of attacks typically target business-critical websites in order to increase the likelihood of payment, usually via Bitcoin (BTC), and can have crippling effects on organizations. In certain cases, such as when targeting hosting providers, the threat actor may add more pressure to pay by using the negative publicity associated with service downtime as a threat.

A second method of extortion involves the potential release of compromised data. This method is dependent on the fact that the target's data has already been compromised. The threat of its release to the public domain is used as blackmail in order to extort money from the affected entity. 

A third type of extortion, and the one most often in the news as of late, is ransomware – malicious software (malware) that restricts access to the computer system it has infected. The malware demands that a ransom be paid before restoring access to affected resources. Ransomware can prevent access to many features of a victim's machine, including files, applications and the operating system itself. Because ransomware is an ever-evolving threat that can be more challenging to address than other cyber extortion tactics, let's take a closer look at how it works and how to prevent and mitigate it. 

At a high-level, the ransomware process is fairly standard. Files are encrypted and the attackers, who hold the decryption key, will only allow the target to decrypt the files after the required BTC ransom is paid. Specific details of the attack, however, will depend on the variant.

Until recently ransomware has been delivered most commonly via drive-by-downloads from exploit kits, or through spam emails that either contain malicious attachments or encourage recipients to visit websites hosting malicious content. But we see that starting to change with threat actors using more targeted methods to achieve their objective, such as spear-phishing emails purporting to be from a job applicant or including the name, job title and job-relevant information of the recipient. The disclosure that some organizations are paying the fee to unencrypt data likely provides further motivation for these types of attacks. In fact, when the actor estimates there's a high likelihood of payment of the ransom fee they invest in more reconnaissance which can further increase the likelihood of infection.

As ransomware becomes big business, research on the dark web reveals a number of services being advertised to make it easy for beginners with low technical understanding to execute ransomware attacks with success. Everything they need is available on a USB stick for $1,200 or they can take advantage of a hosted service in return for 5 percent commission on the ransom payments received.

So how can you combat cyber extortion? Cyber situational awareness can give you greater insights into the tools and processes used by actors that employ DDoS-based extortion and compromised data release extortion. Advanced knowledge of the typical demands of a threat actor and their capabilities can help you make difficult decisions if presented with such a scenario and help you prevent future attacks.

Mitigating ransomware threats is more complex. It requires a combination of technical and process controls and company-wide engagement – from employees, to executives, to IT security teams. Cyber situational awareness can help you understand the infection vectors of the malware and apply the appropriate security controls to mitigate the risk of infection. This includes insights you can use to raise staff awareness of how ransomware attacks occur and help you devise technical and procedural controls to prevent infection and to develop ransomware response procedures in the case of infection. Of course ensuring that backups are maintained and are separate from the network can increase resilience to such attacks. In addition, several decryption tools have been released but, in the cat and mouse game between ransomware and such tools, their effectiveness tends to be short-lived; ransomware developers are continuously developing encryption methods to evade them.

As defenders, staying up-to-date with the latest trends and innovation can be hard, but it is essential in order to effectively prevent and mitigate the effects of extortion on your business. With cyber situational awareness you can learn about the actors involved in extortion and their tactics, tools and motivations. With this knowledge you can more effectively align your defenses and make better decisions in the face of an attack.



Posted by : GoDubai Editorial Team
Viewed 6661 times
Posted on : Saturday, September 23, 2017  
Replication or redistribution in whole or in part is expressly prohibited without the prior written consent of GoDubai.com.
Previous Story : Sharjah's Research, Technology, and Innovation Park the new regional headquarters of the China-Arab ...
Next Story : NetApp Enables Companies to Make Faster Decisions with Data
Email this article Print this article

Share this article with your friends and followers
NewsVine

Comments

Back to Top  
Most Viewed Press Release posted in the last 7 days
Mouawad Acquires The 51.38 Carat Dynasty Diamond From ALROSA
Cerruti 1881 MOLVENO timepiece and cufflinks
Nazih Introduces New Dr. Renaud Skincare Range
Five Awesome Reasons to Visit LEGOLAND® Dubai During the Eid Al Adha Holiday
Back-to-School Shopping Made Easy with SOUQ.com
Business Wear by Hugo Boss
The new Rado HyperChrome Chronograph in bronze and high-tech ceramic
Head to Modhesh World for Summer Fun Before the School Run
Spectacular live entertainment for the entire family at Majid Al Futtaim malls i...
Never Run Out of Space for Those Joyful Summer Holiday Memories With Western Digital
Eid Gift Guide 2018
Eberhard & Co. immortalizes a legend
Trend Alert! Clueless About Plaid? kate spade Found Fresh Ways to Showcase the G...
New Addition to the HUAWEI Nova 3 Series: On-trend and fashionable HUAWEI nova 3...
The Marriott International cyclist team completes 600km R2A cycle challenge
The Moon Collection From Lacoste
OMEGA Showcases its Passion for Golf at the 2018 PGA Championship
American Eagle Takes It to the Ne(X)t Level With Fall Jeans Campaign
Calligraphy, etching and Palestinian embroidery: Learn it all at Tashkeel this S...
Samsung Launches the Galaxy Note9 in the UAE
XTouch Announces the Launch of the Robot Family Range of Rugged Mobile Phones
Why Are Chipmakers Making Smaller and Smaller Processors?
du LaLiga HPC Top Talents Arrive in Spain for 21-day Annual Scouting Camp
Aperitivo di Ferragosto
Let your kids enjoy some dancing at James & Alex Dance Studios
LG to Introduce Advanced Stylers With Ai Voice Recognition and Mirrored Glass De...
Chronoswiss Limited Edition of Flying Grand Regulator Skeleton
The new Hamilton Khaki Field Mechanical
Raymond Weil unveils a new collaboration with Marshall Amplification
CASIO announces UAE launch of new 'Pro Trek WSD-F20A' outdoor smartwatch
Baroncelli Big Date collection from Mido
VIP Golf Austin Offers Golf Packages For the Avid Tourist
Free Wellness Workshop to address Physical and Mental health issues
Beauty at Robinsons
Aster Disaster Support Team mobilized to help Kerala flood victims
Feel Alive Again With the New IKEA 2019 Catalogue
Mohamed Bin Zayed Majlis for Future Generations Announces its Second Edition
Department of Culture and Tourism – Abu Dhabi brings excitement to children at S...
Secondary Infertility: A Confusing & Emotional Ride Affecting Millions of Women
Tommy Hilfiger Dressed Up Collections
Turkish Airlines posted USD 258 million Operating Net Profit in the first half o...
Balqees concert, Iftah Ya Simsim shows and Nabati poetry recital at Dragon Mart ...
Fun GUESS Handbags for Fall18
Skydance: The Sun – shining amid the immensity of the galaxy
ENEC Launches Youth Council to Empower the Next Generation of Emirati Nuclear En...
Huawei Recognizes Dr. Erdal Arikan, the Father of Polar Codes, for his Dedicatio...
Buy One, Get One Free Entry Ticket to Modhesh World With “Smiles by Etisalat”
2XL's Nicola dining furniture creates a welcoming space to enjoy a meal
DALBY and its 50 years of experience in hydraulic hooklifts will be present at t...
Yousif Mirza Back in Action for UAE Team Emirates at the Binck Bank Tour