Scam of the day – December 4, 2018 – Two Iranians Indicted in Ransomware Attacks

Ransomware is the name for malware that once installed on a computer, often unwittingly through clicking on links in spear phishing emails, encrypts and locks all of the victim’s data.  The cybercriminal then threatens to destroy the data unless a bounty is paid.  Last year we experienced two massive ransomware attacks against millions of computers around the world.  These were the infamous WannaCry and Peta ransomware attacks. Earlier this year the city government of Atlanta becoming a victim of ransomware when some of its systems were frozen using the infamous SamSam family of malware that has been used successfully against a number of companies and municipalities. In its 2018 Verizon Data Breach Report, Verizon, which gathered data from 65 organizations in 65 countries, found that ransomware, which was only the 22nd most common malware in 2014, is now the number one most common malware used by cybercriminals.

A few days ago the Justice Department unsealed indictments against two Iranians operating from Iran, charging them with SamSam Ransomware attacks against more than 200 targets since 2015 including the attack against the City of Atlanta. Their victims included numerous hospitals, municipalities and public institutions. The two Iranians extorted more than 6 million dollars in Bitcoin ransom payments and caused losses to their victims exceeding 30 million dollars.

While companies and government agencies are often the targets of ransomware, individuals are also targeted by this malware, as well. In fact, according to a report by the security firm Malwarebytes, ransomware attacks against consumers increased by 90% in 2017 from the previous year.

TIPS

Often ransomware attacks as well as most other types of malware attacks are spread through phishing emails that lure unsuspecting people into clicking on malware infected links or downloading attachments tainted with malware.  As I am constantly reminding you, never click on links or download attachments until you have confirmed that they are legitimate.

You also should update all of your electronic devices with the latest security updates and patches as soon as they become available, preferably automatically.  Many past ransomware attacks exploited vulnerabilities for which patches had already been issued. However, even if you have the most up to date security software on your computer and phone, it will not protect you from the latest zero day defect malware which is malware that exploits previously undiscovered vulnerabilities.

As for protecting yourself specifically from ransomware, you should regularly back up all of your data on at least two different platforms, such as in the Cloud and on a portable hard drive.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.