Ransomware is Exploding! What you need to know about the latest threats
Ransomware Threats: Imagine yourself walking through a crowded train station, getting ready to board a train. It isn’t until you’re in your seat that you realize a pickpocket has stolen your wallet. But there’s a twist: The thief decided to leave his business card in your pocket so you could contact him and pay a few hundred dollars to get your wallet back.
For the past few years, cyber thieves have been hacking into countless networks and scrambling critical data, which is the lifeblood of individuals and companies, large and small. Then, they demand a substantial ransom in exchange for an encryption key to restore important data.
Just over the past few weeks, we have seen a whole new level of ransomware explode—hackers are breaking into businesses, scrambling servers full of data, and leaving an email address for the business to contact to get the data back. However, before you actually get access to your scrambled data, another hacker gets into your system, deletes the previous hackers’ information, and leaves his own. Now, when you go to pay your ransom, you are actually paying the wrong hacker for the data.
CrySiS is the aptly named form of the most recent ransomware threat rocking the cyber world. Hackers are getting into computer servers either by using brute-force attacks on unsecured or open RDP connections or through MongoDB, a free, open-source, cross-platform document-oriented database program. Once the connection is authenticated and the attacker gets access to the network, they encrypt or hijack data and leave an email address to contact them so victims can “negotiate” getting their valuable data restored.
First reported to the FBI late last year, these attacks have exploded just over the past few weeks. For example, during the week of December 27th, there were only 200 reports of these attacks. However, during the last two weeks of January, there have been 20,000 reported attacks that have compromised thousands of servers. Literally, thousands of cyber thieves have left multiple demands, along with multiple calling cards.
HOW TO PROTECT YOUR DATA FROM RANSOMWARE THREATS
Call on an outside expert
Businesses have found that outside experts are invaluable in identifying unseen network security gaps. These hired hackers bring a “fresh set of eyes” and the most effective solutions. In fact, they rarely find a network without substantial vulnerabilities.
Don’t touch it just once a year
More than ever, business executives realize that cyber security is ongoing and have IT security contracts in place to ensure monthly monitoring and protection. The monthly cost of protecting a business network is insignificant compared to the business and reputation risks associated with a cyber breach.
Complex passwords are our friends
Forcing all remote users to use complex passwords is the easiest way to prevent hackers from getting in through RDP or VPN connections. A complex password should be at least eight characters long and should not contain any part of the user's username.
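The following check for the two rules above is an added example, not code from the original post. It assumes "any part of the username" means any run of three consecutive characters from a name token; that threshold and the function names are hypothetical choices made for illustration.

```python
import re

MIN_LENGTH = 8    # from the article: at least eight characters
MIN_FRAGMENT = 3  # assumption: shortest username run treated as "part of" it


def forbidden_fragments(username, min_len=MIN_FRAGMENT):
    """Lowercase character runs from the account name that a password may not contain."""
    # Reduce DOMAIN\user and user@domain forms to the bare account name.
    account = username.lower().split("\\")[-1].split("@")[0]
    fragments = set()
    # Split "jane.doe" into "jane" and "doe"; tokens shorter than min_len yield nothing.
    for token in re.split(r"[\W_]+", account):
        # Any longer shared substring contains one of these min_len-sized windows,
        # so checking the windows alone is sufficient.
        for i in range(len(token) - min_len + 1):
            fragments.add(token[i:i + min_len])
    return fragments


def check_password(username, password):
    """Return rule violations; an empty list means the password passes both rules."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too_short")
    lowered = password.lower()
    if any(fragment in lowered for fragment in forbidden_fragments(username)):
        problems.append("contains_username_part")
    return problems


if __name__ == "__main__":
    # Constructed sample accounts and candidate passwords.
    samples = [
        ("CORP\\jane.doe", "Winter-Jane-2024"),
        ("jane.doe@example.com", "Short1!"),
        ("jane.doe", "c0rrect-h0rse-battery"),
    ]
    for user, candidate in samples:
        print(user, check_password(user, candidate) or "ok")
```

A check like this belongs at password-set time for every account that can log on through RDP or VPN, so that a case-changed or embedded username fragment is rejected before the password is accepted.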
Implement dual (multi) factor authentication
Dual-factor authentication requires a device accessing the network to first be accepted by the network device before the user is allowed to enter the password. Implementing dual-factor authentication on a network will help keep remote hackers from deploying CrySiS on a system.
Get in Touch
Contact one of our team members to learn more about our cybersecurity services to help protect against Ransomware Threats. We can discuss how we can help protect your organization from external or internal threats and ensure compliance with the highest security standards.
Tanner Security Consulting Services
Tanner Security is a trusted leader in IT security consulting, dedicated to protecting businesses from the ever-evolving cyber threat landscape. With over two decades of experience, we offer a full range of security solutions tailored to the unique needs of organizations across various industries. Our expertise spans IT Risk Assessments, Compliance Audits (PCI, ISO 27001, HIPAA, CMMC), Penetration Testing (web applications and networks), Policy Authoring, Virtual CIO Consulting, Network Vulnerability Assessments, SIEM Services, and Configuration Reviews.
We work closely with businesses to identify weaknesses, implement effective security controls, and maintain compliance with industry best practices, ensuring their digital infrastructure remains protected against ever-growing cyber threats.
At Tanner Security, cybersecurity is not just about meeting compliance requirements but creating a proactive, resilient security program capable of adapting to new risks. Our CMMC audit preparation services help businesses achieve the cybersecurity maturity levels required for government contracts, ensuring they meet all security controls.
Our expertise in cloud security, internal network assessments, and customized security strategies also allows organizations to develop comprehensive risk management approaches that align with their business goals. We collaborate with clients to design and implement scalable security solutions that address immediate concerns and support long-term security and compliance objectives.
Our hands-on, consultative approach and unwavering commitment to delivering practical, results-driven security strategies set Tanner Security apart. Whether your organization needs a one-time security assessment or ongoing cybersecurity support, our team of seasoned professionals provides actionable insights that help safeguard your systems, data, and reputation.
We prioritize clear communication and tailored solutions, ensuring our clients receive expert guidance that enhances their overall security posture. By partnering with Tanner Security, businesses gain a dedicated cybersecurity ally, empowering them to stay ahead of cyber threats while maintaining compliance, operational efficiency, and long-term resilience.