Business Focused IT Support

Ransomware will the battle ever be won?

by Nicki Dowsett in cybercrime, Helpdesk, Industry News, IT Support, Password Security, Ransomware

Ransomware, cryptolocker and cybercrime seem to be the most popular topics in the news this year.  I look after the social media here at MPR IT and a large chunk of my role is to review numerous websites looking for news that may be of interest to not only our customers but also to our team.  By keeping on top of the news means we can be one step ahead of new technology coming out, and also what to watch out for.

Most of the news seems to be about cybercrime and hackers lately.  Companies are attacked daily, from small websites through to the American government.  Utility companies, dating sites, children’s toys they have all been in the news and not for the best reasons.  Just this week it was reported that train companies in the UK had been hacked.  With more and more companies relying on technology to run it, I sadly fear it won’t be long till some unscrupulous organisation will try a major attack to infrastructure.

Example of a ransomware screen alert

Ransomware & Cryptolocker

Whilst reviewing news sites this week, I was extremely pleased to see a report on a University in Florida.  They are one small step closer to helping the world combat cybercrime, by designing a technique called Crypto Drop. The report showed that by monitoring activity on targeted files, it was possible to block ransomware when only a tiny percentage had been encrypted. Whilst it is not fail safe, it is a new approach against hackers.  The technique includes countermeasures which are triggered once ransomware infiltrates the network.  This technique relies on three indicators of ransomware activity:

  • Bulk modification of file types
  • Dissimilarity – plain text looks nothing like encrypted file
  • Entropy – encryption produces high entropy

Whilst running the demonstration it was proven that Crypto Drop can contain the action of malware.  Only 0.2% of files were encrypted. In essence this is an early warning system as opposed to a fail safe solution.  Ransomware will still be on your network, and action should still be taken to clean the network, however only a small percentage of files will be lost as opposed to the network.  This will not be an automated piece of software and will require your network administrator to run the software to help distinguish between expected and unexpected activity.

As we all know the people behind cybercrime are equally as clever and constantly coming up with new ways to infiltrate our systems and come up with new scams, once a program such as this is developed fully and launched they will no doubt be looking at ways to break through Crypto Drop.

So there is a little light at the end of the tunnel in the war against cybercrime.  In the meantime please ensure you review your network security and business practises to ensure you do not become a victim to cybercrime.  We have blogged before about the best ways to stay ahead of hackers and this technique will be no excuse to not continue ensuring your systems are secure and backed up regularly.  If you require any assistance on making sure your network is secure at all times please contact us at MPR IT Solutions.

Tags: , , , , , , ,

Comments are closed.