What is Ransomware?
Ransomware is the form of malware that has taken over news networks and even some computers around the world. It is a type of malicious software designed to block access to a computer system until a sum of money is paid to the hacker who created it. The FBI calls ransomware one of its ” biggest cyber-threats.”
This form of malware encrypts files on victims’ machines, making them inaccessible until the victim pays up by purchasing decryption keys from hackers.
While many older forms of ransomware relied on shady marketing practices for distribution, spambots are now being used en masse to spread this new variant throughout social media platforms like Facebook . Specifically, spambots post fake links onto users’ walls, enticing them to click the link and visit a malicious website hosting the ransomware. These links look legitimate at first glance, but in reality they all lead to a fake YouTube page that then redirects users to a phishing site where victims are prompted for their personal information. If entered, this data is sent straight to hackers who can then use it to steal money from users’ bank accounts.
What To Look Out For
“Ransomware is continually evolving and becoming more sophisticated,” said James Scott , senior fellow at the Institute of Critical Infrastructure Technology . “This new wave is muddying the waters by injecting legitimate content into social media platforms.”
Once on Facebook , these spambots post links with titles like “Watch Latest Video Clips Online” or “Hot Video” with a shortened bit.ly URL that leads to a fake YouTube page where users are then redirected to a fraudulent phishing site designed to steal their data, identity information and even banking information.
However, this recent wave of ransomware is not the only cyber-threat plaguing social media platforms these days. In a report released earlier this month, ” Social Engineering: The Hackers Weapon of Choice ,” security firm Proofpoint noted attackers’ extensive usage of malicious links that deliver malware by hiding it behind shortened URLs posted on Twitter .
In fact, Proofpoint revealed that from January 2015 to February 2016 there was an incredible 3,900 percent increase in spam Twitter posts related to malware and exploits as opposed to the previous 12 months. That’s a massive increase in hacking attempts.
How Companies Are Dealing With This Threat
Earlier this month, Facebook unveiled new social plugins designed to make its service more interactive and visual with the addition of camera effects, video chat and even more reactions for users.
However, the major downside is that they also make it easier for hackers to spread their malware via status updates shared among friends on news feeds throughout social media platforms. In fact, Proofpoint researchers discovered that over 85 percent of malware links sent out through Facebook were actually shared by legitimate accounts.
“We can expect cyber criminals will continue to develop new methods for delivering malicious links,” said Kevin Epstein , vice president of advanced security and governance at Proofpoint . “Legitimate actors need to be aware of these emerging threats and ensure they have the tools and processes in place to adequately protect their organizations.”
While Facebook has designed various apps and plugins that make sharing and engaging with its users even easier, it’s important to be aware of the potential risks involved when dealing with unknown links or shortened URLs.
“[Attackers] are finding new ways every day to come after us,” Epstein said. “The attack patterns we’re seeing develop are ever more complex…It’s a race.”
What You Can Do To Protect Your Assets
To prevent hacks like these from happening on Twitter , Proofpoint researchers suggest using an advanced spam-filtering solution capable of detecting malicious posts associated with social engineering attacks.
“Enterprises should consider implementing advanced threat protection mechanisms such as email gateways that provide automated detection and triage capabilities, as well as gateway-level botnet detection that can help to mitigate email-based threats.”
“While it may be impossible to completely defend against social engineering, security teams should do their best to educate employees about these common cyber-attacks and implement solutions that can effectively minimize the risk of a successful compromise,” Epstein said. “Organizations should also keep up with patches from software vendors for potential exploits.”
Check Point, a major cyber security firm, suggests users use an antivirus solution along with anti-spam technology designed specifically for Office 365 or G Suite . In addition, organizations should consider investing in a mobile threat defense solution capable of providing visibility into devices accessing company data and other resources.
Additionally, Check Point recommends users regularly back up all important business data since the recovery process may take several days depending on how much data has been lost.
“We are at a critical point in the evolution of cybersecurity,” said Maya Horowitz, Threat Intelligence Group Manager at Check Point . “With so many security solutions deployed globally, businesses need to be able to identify and implement the most effective tools for their needs.”
Last year, the FBI reported that victims of ransomware have collectively lost more than $1 billion . Ransomware is one of the most prominent cyber-security threats facing business owners today. Businesses need to be aware of these emerging threats and ensure they have the tools and processes in place to adequately protect themselves.