• The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
Menu
  • The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
  • Christmas for Ransomware: How COVID-19 Is Fueling Cybercrime

    November 18, 2020 Alex Woodie

    American tech professionals may be feeling secure working from home in 2020, but that warm fuzzy feeling quickly turns into a sticky, cold sweat when one realizes all the overtime that cybercriminals are putting in to steal your hard-won resources. The situation is getting so bad that some have taken to calling COVID-19 “Christmas for ransomware.”

    According to Bitdefender’s “Mid-Year Threat Landscape Report 2020,” reports of ransomware increased by 715 percent from the first half of 2019 to the first half of 2020. The company says that this figure suggests that threat actors upped their ransomware campaigns to capitalize on both the pandemic and the work-from-home context and the commoditization of ransomware-as-a-service.

    “A spike in scams, phishing and malware across all platforms and attack vectors seems to have been a direct result of cybercriminals leveraging issues related to COVID-19 to exploit fear and misinformation,” the company says in its report.

    In late October, the federal law enforcement agencies issued a warning that cybercriminals were actively targeting the healthcare and public health (HPH) sector with ransomware attacks, leading to what it deemed an “increased and imminent cybercrime threat” to U.S. hospitals.

    The Cybersecurity and Infrastructure Security Agency (CISA), Health and Human Services, and the FBI stated that “malicious cyber actors are targeting the HPH Sector with TrickBot and BazarLoader malware, often leading to ransomware attacks, data theft, and the disruption of healthcare services.”

    Hospitals can prepare for a ransomware attack by making sure their backup systems are working, as well as disconnecting their systems from the Internet (if possible). Avoidance of personal email accounts — a common vector for ransomware attacks — is also advised.

    Matthew Rogers, the CISO Americas for Syntax, thinks the 715 percent ransomware figure is understated, and that ransomware attacks are actually more widespread than that. “It’s really growing in an exponential way,” he said yesterday in a webinar on combating ransomware. “A lot of these things go unreported.”

    Cybercriminals are having success with ransomware attacks because they’ve shifted their technologies and techniques to avoid detection by legacy security tools that attempt to detect ransomware by detecting signatures, or hashes, of known attacks, he says.

    They’re launching “custom attacks for individual companies,” he said in the webinar. “They’re recompiling the code and they’re changing things so that these hash-based solutions just don’t work anymore. The same one isn’t used a hundred places.”

    At one point, these ransomware attacks could be attributed to bored hackers out for the LOLs. But today, ransomware attacks are sophisticated endeavors often run by state-based actors, and they’re doing it to make money.

    The combination of legacy security tools and the work-from-home mandate is making it easier for cybercriminals to evade detection as they infiltrate corporate networks, Rogers said.

    “Say a laptop [gets hit] at home. That’s high with the COVID risk now,” he said. “They VPN into the work network and that compromised machine is now routing traffic through the VPN back through the business. So barriers that were considered safe are no longer safe with all these remote workers. . . . It’s really changing the landscape and how effective these attacks can be.”

    Nearly two-thirds of financial services (FS) firm have been hit with some sort of cybersecurity attack in the past 12 months, according to Eden Prairie, Minnesota-based data security provider HelpSystems.

    New research released by the firm last week indicate that 45 percent of CISOs and CIOs in global FS firms say the pace of cyberattacks has increased since the COVID-19 pandemic started. Nearly half of the survey takers say they have responded to the increased threat by focusing on securing the remote workforce (42 percent) and spending more money on secure collaboration tools (47 percent).

    “It’s a highly challenging cybersecurity landscape for the financial services sector, with many CISOs focused in battling day-to-day threats alongside trying to achieve broader strategic objectives,” HelpSystems CEO Kate Bolseth stated in the press release. “Technology is a key part of cybersecurity of course, and no organization will ever be secure without the right security solutions to protect the organization here and now. But of equal importance, especially for longer-term strategic goals, is ensuring the right processes are in place and educating and training employees.”

    In August, HelpSystems spent $217 million to acquire GlobalScape, a Texas-based developer of managed file transfer (MFT) software. HelpSystems is positioning its MFT offerings as a way for employees to collaborate during the pandemic while maintaining security.

    RELATED STORIES

    COVID-19 Delivers 2020 Clarity for Omnichannel

    HelpSystems Buys GlobalScape For $217 Million For File Transfer Expansion

    Is Information Overload Hurting IBM i Security?

    Share this:

    • Reddit
    • Facebook
    • LinkedIn
    • Twitter
    • Email

    Tags: Tags: HelpSystems, IBM i, Managed File Transfer, MFT, Ransomware

    Sponsored by
    LaserVault

    Integrate Virtual Tape to Automate Your Backups And Strengthen Your Ability To Recover From Cyber Attacks And Disasters

    With most IT departments stretched thin, finding something that can quickly free up IT time is definitely a bonus. That’s why it’s important to stop and take a look at integrating virtual tape into your backup and recovery. Virtual tape is one of those technologies where once you have it, you’ll wonder why you didn’t do it sooner. See a demo and get a $50 gift card.

    But what is it about using virtual tape that makes it so worthwhile? Why is it that so many IBM i shops are already using or considering using virtual tape for all or part of their backup and recovery systems?

    Virtual tape and virtual tape libraries offer a way to both simplify and strengthen backup and recovery operations. By incorporating virtual tape technology, automation of backups becomes possible resulting in hundreds of hours saved annually for IT departments and personnel.

    “We needed to find a replacement that would lower the maintenance cost and reduce complexity of our backup and recovery functions without a major disruption to our operations.” David Fray, Director of Enterprise Systems, ABC Financial

    LaserVault ViTL is a virtual tape and tape library solution developed specifically for use with IBM Power Systems (from AS/400 to iSeries to Power 9s). With ViTL you can:

    • Replace physical tape and tape libraries and eliminate associated delays
    • Automate backup operations, including the ability to purge or archive backups
    • Remotely manage your backups – no need to be onsite with your server
    • Save backups to a dedupe appliance and the cloud
    • Recover your data at lightspeed greatly improving your ability to recover from cyberattacks
    • And so much more

    Sign-up now to see a ViTL online demo and get a $50 Amazon e-gift card when the demo is complete as our way of saying thanks for your time. Plus when you sign-up you’ll receive a free facts comparison sheet on using virtual tape vs tape so you can compare the functionality for yourself.

    Share this:

    • Reddit
    • Facebook
    • LinkedIn
    • Twitter
    • Email

    Don’t Count Tape Out Just Yet, ESG Report Says Trinity Guard Unveils New Tools for Linux, Db2 for i

    One thought on “Christmas for Ransomware: How COVID-19 Is Fueling Cybercrime”

    • Ralph Daugherty says:
      November 19, 2020 at 8:56 am

      Ransomware and most malware is designed around Windows and in many cases requires an Intel compatible CPU. We’re of course vulnerable to open source vulnerabilities which is cross platform. Ransomware is based on uploading a program to encrypt the disk drives. None of that will happen to the IBM midrange. Companies would be secure running on the IBM midrange but Windows is relatively cheap. So until someone has to pay the price for exposure of the company, ransomware will continue. So far only sacrificial lambs pay the price for massive loss of data, lawsuits, and inability to continue doing business. Sometimes a C exec, mostly someone lower. None of them can be bothered to use secure operating systems like IBM i.

      Reply

    Leave a Reply Cancel reply

TFH Volume: 30 Issue: 74

This Issue Sponsored By

  • Maxava
  • Datanational Corporation
  • Blair Technology Solutions
  • UCG Technologies
  • Raz-Lee Security

Table of Contents

  • Trinity Guard Unveils New Tools for Linux, Db2 for i
  • Christmas for Ransomware: How COVID-19 Is Fueling Cybercrime
  • Don’t Count Tape Out Just Yet, ESG Report Says
  • Four Hundred Monitor, November 18
  • IBM i PTF Guide, Volume 22, Number 46

Content archive

  • The Four Hundred
  • Four Hundred Stuff
  • Four Hundred Guru

Recent Posts

  • IBM Mulls Using DataMigrator as Cloud Warehouse Pipeline
  • PowerTech AV Automatically Detects Ransomware Activity
  • Infor Puts CM3 Project On Hold
  • Four Hundred Monitor, June 29
  • IBM i PTF Guide, Volume 24, Number 26
  • Guild Mortgage Takes The 20-Year Option For Modernization
  • IBM i Licensing, Part 3: Can The Hardware Bundle Be Cheaper Than A Smartphone?
  • Guru: The Finer Points of Exit Points
  • Big Blue Tweaks IBM i Pricing Ahead Of Subscription Model
  • We Still Want IBM i On The Impending Power E1050

Subscribe

To get news from IT Jungle sent to your inbox every week, subscribe to our newsletter.

Pages

  • About Us
  • Contact
  • Contributors
  • Four Hundred Monitor
  • IBM i PTF Guide
  • Media Kit
  • Subscribe

Search

Copyright © 2022 IT Jungle

loading Cancel
Post was not sent - check your email addresses!
Email check failed, please try again
Sorry, your blog cannot share posts by email.