GoDubai
  
  
  
  
Citylife > Press Release
  Home Contact us Add to Favourites
Most Recent Postings
More Press Releses
Featured Sections

Event Finder
A daily roundup of exhibitions, promotions and other events in Dubai and the rest of the Emirates.
Submit an Event
Latest Dubai Press Releases >> Technology

 
  Share

By Alastair Paterson, CEO and Co-Founder of Digital Shadows

Dubai, UAE, September 23, 2017: If you're familiar with mafia movies then you're familiar with extortion – the practice of obtaining something, especially money, through force or threats. Extortion has been around for centuries – well before “The Godfather” or “Goodfellas.” Even cyber extortion, which extends this criminal activity into the digital world, isn't new. What is new, however, is the wide variety of methods that are used by the bad guys to get their money.

Three main tactics are behind cyber extortion: the threat of distributed denial of service (DDoS), the threat of data compromise and ransomware. DDoS attacks are one of the most popular means to facilitate extortion. These types of attacks typically target business-critical websites in order to increase the likelihood of payment, usually via Bitcoin (BTC), and can have crippling effects on organizations. In certain cases, such as when targeting hosting providers, the threat actor may add more pressure to pay by using the negative publicity associated with service downtime as a threat.

A second method of extortion involves the potential release of compromised data. This method is dependent on the fact that the target's data has already been compromised. The threat of its release to the public domain is used as blackmail in order to extort money from the affected entity.

A third type of extortion, and the one most often in the news as of late, is ransomware – malicious software (malware) that restricts access to the computer system it has infected. The malware demands that a ransom be paid before restoring access to affected resources. Ransomware can prevent access to many features of a victim's machine, including files, applications and the operating system itself. Because ransomware is an ever-evolving threat that can be more challenging to address than other cyber extortion tactics, let's take a closer look at how it works and how to prevent and mitigate it.

At a high-level, the ransomware process is fairly standard. Files are encrypted and the attackers, who hold the decryption key, will only allow the target to decrypt the files after the required BTC ransom is paid. Specific details of the attack, however, will depend on the variant.

Until recently ransomware has been delivered most commonly via drive-by-downloads from exploit kits, or through spam emails that either contain malicious attachments or encourage recipients to visit websites hosting malicious content. But we see that starting to change with threat actors using more targeted methods to achieve their objective, such as spear-phishing emails purporting to be from a job applicant or including the name, job title and job-relevant information of the recipient. The disclosure that some organizations are paying the fee to unencrypt data likely provides further motivation for these types of attacks. In fact, when the actor estimates there's a high likelihood of payment of the ransom fee they invest in more reconnaissance which can further increase the likelihood of infection.

As ransomware becomes big business, research on the dark web reveals a number of services being advertised to make it easy for beginners with low technical understanding to execute ransomware attacks with success. Everything they need is available on a USB stick for $1,200 or they can take advantage of a hosted service in return for 5 percent commission on the ransom payments received.

So how can you combat cyber extortion? Cyber situational awareness can give you greater insights into the tools and processes used by actors that employ DDoS-based extortion and compromised data release extortion. Advanced knowledge of the typical demands of a threat actor and their capabilities can help you make difficult decisions if presented with such a scenario and help you prevent future attacks.

Mitigating ransomware threats is more complex. It requires a combination of technical and process controls and company-wide engagement – from employees, to executives, to IT security teams. Cyber situational awareness can help you understand the infection vectors of the malware and apply the appropriate security controls to mitigate the risk of infection. This includes insights you can use to raise staff awareness of how ransomware attacks occur and help you devise technical and procedural controls to prevent infection and to develop ransomware response procedures in the case of infection. Of course ensuring that backups are maintained and are separate from the network can increase resilience to such attacks. In addition, several decryption tools have been released but, in the cat and mouse game between ransomware and such tools, their effectiveness tends to be short-lived; ransomware developers are continuously developing encryption methods to evade them.

As defenders, staying up-to-date with the latest trends and innovation can be hard, but it is essential in order to effectively prevent and mitigate the effects of extortion on your business. With cyber situational awareness you can learn about the actors involved in extortion and their tactics, tools and motivations. With this knowledge you can more effectively align your defenses and make better decisions in the face of an attack.



Posted by : GoDubai Editorial Team
Viewed 4026 times
Posted on : Saturday, September 23, 2017  
Replication or redistribution in whole or in part is expressly prohibited without the prior written consent of GoDubai.com.
Previous Story : Sharjah's Research, Technology, and Innovation Park the new regional headquarters of the China-Arab ...
Next Story : NetApp Enables Companies to Make Faster Decisions with Data
Email this article Print this article

Share this article with your friends and followers
NewsVine

Comments

Back to Top  
Most Viewed Press Release posted in the last 7 days
Reverse the effects of hair fall with Crescina Re-Growth HFSC Shampoo
Achieve whiter teeth at home with Spotlight Teeth White Strips
Time for Some AIGNER Love
Noble™ Anti-aging Skin Care Products
Golden Bridge Rectangle Diamonds Celebrates The Virtuosity Of Art Deco Design Genius
Skyline Conducted Women of Substance: A Panel Discussion on Women Empowerment
UAE National Day celebrated in Skyline Carnival 2017
RUNWAY DUBAI creates a new buzz campaign for fashion tourism
SUC signed MOU with Waldorf Astoria Ras Al Khaimah
SUC conducted Tour Guide Training Program for SCTDA
Calvin Klein Presents Steadfast Collection
Gift gorgeous skin this festive season.
Mohammed bin Rashid Launches UAE Astronaut Programme
Mido's Multifort Escape - An uncompromising timepiece for exploring new horizons
NIVEA MEN and Real Madrid Extend Partnership Globally Covering 70+ Countries
Sthan, bringing you authentic Frontier food from beyond borders, is now open in Dubai
Eberhard & Co. celebrates 130th Anniversary with special commemorative Edition C...
Coach Women's Lex Stainless Steel Bracelet Watch Collection
Absolutely Rejuvenated Skin to Start the New Year
‘Artistry' - Branded Jewellery show at Malabar Gold & Diamonds' outlet in Meena ...
BOSS watches presents Navigator Collection
Celebrate the Festive Season With the Galleria on Al Maryah Island in Abu Dhabi
Together for Egyptian Cinema: A Million happy viewers
Feast your way into the festive season at The Coffee Club
Bovet Presents Brilliant Is Beautiful Gala Benefitting Artists for Peace and Ju...
Dubai Land Department Launches its Smart Archiving System
Svelte BU4108-11H dress watch in black and rose gold plating makes an impact
Gourmet Gifting at Tub of Butter
Hottest Smartphone ever! Go get a true luxury phone from HUAWEI
Over 200 developers across India participate in CREDAI's Indian Property Show
Robinsons National Day Trunk Show
The First “Dilmah Silver Jubilee Gourmet” in a Middle East Hotel Opens in Pullma...
Lg V30+ Launches in the Uae and Makes Its Way Into Customers' Pockets and Lives
Glamazle.com names a Lipstick after Yardstick Marketing as a testimonial to the ...
Unilever's Lipton Jebel Ali Tea Factory First in MENA to Achieve Bronze World Cl...
Step into 2018 with skinade & slow down the signs of ageing
Ghantoot present 17th Emirates Open Polo Championship International
More Than 6,000 Bears Donated to Toys With Wings & Emirates Red Crescent for Nov...
Epson to showcases the future of large laser display technology at InfoComm MEA 2017
With the Increasing Trend of Grooming Among Men, Kaya Skin Clinic Launches an Ex...
Dubai Customs reaffirms efforts to combat counterfeit goods with Japanese partners
Automechanika Riyadh turns focus on exciting growth potential of Saudi automotiv...
Awqaf and Minors Affairs Foundation, Family Village Celebrate 46th UAE National Day
The Verses of Peace Exhibition begins at the Abu Dhabi World Trade Centre
Switzerland wins a Good Design Award for the first chronograph-watch in history
Saxo Bank 2018 Outrageous Predictions: 2018 will be a true roller coaster ride c...
Green Hope on Former US Vice President Al Gore's 24 Hours of Climate Reality telecast
The du Youth Council Holds a Volunteering Day at Al Ain Zoo with People of Deter...
Win 3000 Dollars with Splash
Indian realty in revival mode, says industry expert