Ever wonder why we're beating the drum so loudly about doing all you can to protect yourself from ransomware these days? Let's skip over how incredibly damaging getting hit can be. Let's forget about the Russian hacking of emails. Forget about some black hat hacker in some foreign land (who seems so far away that you think he's unlikely to care about your company's network). How about we consider the boy next door?
Consider this - did you know that there's a program being sold out there known as "Philadelphia", a ransomware-as-a-service crimeware package that is sold for roughly $400 to would-be cybercriminals who dream of creating their own ransomware empires? Seriously. I'm not making this up. There's a video on Youtube promoting the features and useability of the product. “Everything just works,” claims the creator, The Rainmaker. “Get your lifetime copy. One payment. Free updates. No monthly fees.”
Soup to nuts! Everything you would need to build it all from ground up. Without writing a single line of code. And all automated! Check it out...
This is one of the reasons we're seeing the steep increase in ransomware attacks - because the proliferation of point-and-click tools sold in the cybercrime underground. Tools that make it so incredibly simple for anyone to begin extorting others for money. It's crazy to even talk about, but Philadelphia is touted as having many advanced features, including the ability to generate PDF reports and charts of victims to track the campaigns, as well as the ability to plot victims around the world using Google Maps.
On top of this, recently it's come to light that a very aggressive jabber spam campaign has been going on advertising the “Philadelphia” ransomware. japper is an instant messaging platform frequented by black hat hackers. So, they're actively marketing this product to their customer base! Craziness!
So, what's my point of all of this? Primarily, I hope this helps spread the word of what's going on out there in the cyber world so that you can better protect yourself. The point is that ransomware and other malware attacks aren't just for the big boys and aren't just aimed at large companies. They actually aren't aimed at anyone other than those who are the least protected. These hackers automate their tasks and just roll through ranges of IP addressess seeing who they can get to. And all it takes is just a small crack in your armor for them to get in.
So, what can you do?
Again, I don't want to sound like a broken record (so I won't). Instead, check out our more recent blog posts to see the details:
- The Cliff Notes of ESET's Small Business Cybersecurity Survival Guide and Datto's Ransomware Report
- 8 Ways to Protect Your Network Against Ransomware
- The Cliff Notes of Verizon's 2017 Data Breach Report
Suffice to say, if you are one of our Managed Service clients and you're fully on our "FPA Stack", then you've positioned yourself well. As with anything in the cyber security world, there's no 100% guarantee. But, I can guarantee you that, odds are, the hackers will be working on other, less protected networks.
What do you think? Has this info been helpful? Let us know in the Comment box below or shoot me an email if you’d like to chat about this in more detail.