Don’t Fall Prey To Ransomware Extortionists: Kaspersky

by Priyanka Pugaokar    Jun 02, 2016

Ransomware The global endpoint security solution provider, Kaspersky has strongly recommended not to fall prey to ransomware extortionists. The Russian anti-virus firm has appealed business leaders to report ransomware attacks and help the law enforcement agencies to curb the cyber extortionists.

Vitaly Kamluk, Head of APAC Global Research and Analysis Team, Kaspersky Lab said, “ We as a leading cyber security player strongly recommend not to fulfill the demands of ransomware criminals as there is no guarantee that you will get the encryption key. We have seen cases where bad guys have asked enterprises to pay more extortion money after they fulfill their first demand. Therefore, we recommend businesses to report such incidents and build a robust security architecture to mitigate the risk of cyber attacks.”

Vitaly Kamluk, who is also a Security Researcher at INTERPOL pointed out that were many copy cats in the cyberspace who try to replicate the model of cyber extortionists. Therefore, it is important to double check whether people and enterprises are really attacked by ransomware. 

Ransomware is a type of malware that attempts to extort money from a user by infecting and taking control of the victim’s machine or the files or documents stored on it. Typically, ransomware will either lock the computer to prevent normal usage or encrypt the documents and files on it to prevent access to saved data. 

Kamluk said that CryptoWall Ransomware has created major disturbance worldwide and it has also impacted the Asia region to a large extend. Apart from CryptoWall, TeslaCrypt, Petya, Scatter, Rakhni, Rector, Rannoh, CoinVault, Bitcryptor, CryptXXX and Locky are some of the new variants in the ransomware family that poised maximum loss to enterprises worldwide. 

Also Read: India Emerges As Top Destination For Cyber Crimes

Revealing shocking facts about the current security landscape in India Kamluk said that total 554 complaints related to Locky ransomware were reported in India between March-May 2016. According to Kaspersky Lab research, TeslaCrypt ransomware targeted over 11,000 people in the country in the same period. 

The report also provides statewide breakup of ransomware attacks. Karnataka and Tamil Nadu witnessed maximum attacks 36.58 percent and 16.72 percent, respectively followed by Maharashtra (10.86 percent) and Delhi (10 percent). Though the study does not provide specific reasons for the traction in these states, Kamluk said that increasing adoption of technology, rapid digitization and young population using smartphones could be the reasons behind cyber criminals targeting these states. Enterprises such as Education and Research institutes, Engineering firms, Brokerage and Financial firms, Government, Chemistry, Energy and Healthcare sector were largely hit by ransomware attacks, the report revealed.  

India receives over 60,000 ransonware attacks per year; wherein 86 per cent of ransomware attacks are Crypto-ransomware. In a major attempt to steal data, cyber criminals recently targeted Maharashtra governments headquarter in Mumbai. The Locky ransomware reportedly infected 150 computer systems. Enterprises have also reportedly paid lakhs of rupees as ransom to decrypt the data, however, such incidents rarely brought to the notice in a public domain.  

Also Read: Is Indian Govt Ready For Ransomware Attacks?

“Awareness is the most powerful weapon to fight with the ransomware criminals. Apart from that simple steps can help the enterprises to mitigate the risk of cyber attacks. Most important thing is to make multiple backups and keep it safe offline. With this business leader can retrieve their sensitive data. Secondly, it is crucial to keep software updated and install a reliable and KSN enabled anti virus software”, Kamluk said. 

Kaspersky in association with Netherlands’ National High Tech Crime Unit has built up Coin Vault descriptor and provided press access to decryption keys to victims of ransomware attack. “Kaspersky is offering tools not only to protect our customers, but the general public. We have solutions for Endpoint security, Mobile security and Data centers and vitalization”, said Altaf Halde, Managing Director, Kaspersky Lab- South Asia.

“We also provide solutions for industrial security and security intelligence. These solutions are developed by industry experts and they work in a proactive as well as reactive manner. Apart from that, we also provide cyber security training at different levels. I think that sets up apart from the competition in India” he said.