Ransomware is becoming big business during the pandemic
New variations on the ransomware extortion technique have been emerging, targeting both large businesses and SMEs.
The latest is Egregor Ransomware.
It is a variant of Ransom. Sekhmet and not only does it demand a payment to unlock the systems it has attacked, but then it fails to decrypt, instead providing recommendations for securing the network that has been attacked.
It is thought to gain access via a remote Trojan and then search for system weaknesses.
Businesses need to protect themselves by:
1. Patching and updating their systems’ software and checking for and addressing any potential vulnerabilities.
2. Carrying out regular security audits of current IT infrastructure and security products.
3. Ensuring they have a comprehensive data backup plan, including secure offsite backup.
4. Using a third party mail security filter that can detect, block, and analyse malicious emails.
5. Ensuring Multifactor Authentication on all users to stop an intruder (even with a correct password).
6. Ensuring all employees are trained in cybersecurity best practices, especially regarding common access techniques such as email and compromised websites.