A huge concern for businesses is the new opportunities for hackers which have made themselves available, just as many tech-savvy workers are being laid off and need income to feed their families.
Some will no doubt be lured to the easy money made from hacking.
In fact, the hacking business is getting easier as hackers are recruiting other hackers via affiliate programs.
This is made far worse by the fact that Ransomware is now Extortionware as we covered in January of this year.
Before this was the case, if a company was infected with ransomware, they could pay the ransom and hope they retrieved their data or they could wipe the affected machines and restore from backups.
A surge in spending on backup solutions ensued as companies became more prepared for the inevitable click from an employee which caused malware to be installed that encrypts all the files on the network.
Extortionware, however, means the hacker takes the data they have access to because they have broken into your network and starts releasing it to the public.
As we write this, New York-based Grubman Shire Meiselas & Sacks who had its computer systems hacked and 756 gigabytes of private documents and correspondence stolen is being extorted for $21 million.
The hackers alleged they have possession of information on the law firm’s clients past and present, including Lady Gaga, Madonna, Nicki Minaj, Bruce Springsteen, Mary J. Blige, Ella Mai, Christina Aguilera, Mariah Carey, Cam Newton, Bette Midler, Jessica Simpson, Priyanka Chopra, Idina Menzel, Run DMC and Facebook.
Now that we know what Extortionware is, here is where things get far worse. The Netwalker ransomware operation is recruiting potential affiliates with the possibility of million-dollar payouts and an auto-publishing data leak blog to help drive successful ransom payments.
The Extortionware uses multithreaded technology to encrypt – making it efficient and looks for all mapped drives to make them useless. The victim’s data is published automatically, according to the settings the hacker chooses.
The affiliate receives 70% of the ransom. Interestingly, Apple also gives publishers 70% of the revenue derived via App Store purchases.
The site has advertised some of its more successful large hacks which range between around $700,000 to $1.5 million. So the hacker can make over $1 million from a large victim.
According to Bleeping Computer:
Netwalker has gone one step further and created a leak site that allows their affiliates to create posts containing a victim's name, their description, links to their data, a password to open the data file, and the date and time that the data should be posted.
The site will then show a countdown for a particular victim's data reveal to provoke anxiety within their victims in the hopes it will coerce them into making a ransom payment.
Covid-19 has made the cybersecurity posture of companies far worse. We at Apex Technology Services recently hosted a webinar with Datto describing best practices companies should follow during these challenging times with so much telework taking place. Datto makes great business continuity solutions.
As always, we try to learn from these incidents and help others do the same.
These attacks often start as an email that a user inadvertently clicks on. The best way to combat such an issue is via phishing simulation. This is done by sending messages to users which look like messages a hacker would send. If the user clicks, they are instantly trained. This is the best way to laser target training to those who need it most. We suggest our PHISH360 which is free to use for small businesses.
In addition, our company, Apex Technology Services offers network security assessments which should be done regularly to ensure systems are as secure as possible.
While the Covid-19 pandemic has made this a challenging business climate for many organizations, hackers are stepping up their efforts, knowing work at home users are more vulnerable. There will also be many new hackers to deal with as tech layoffs mount worldwide. A company dealing with a pandemic has enough problems… Adding the financial challenges of a ransomware attack to an already tough situation may be unsustainable for most organizations.
The time to get help is now – before an attack takes place.