A new report from McAfee details the growth of the Netwalker ransomware code into a stable ransomware-as-a-service product that has generated more than $25million dollars in the last 5 months.
Recent high-profile attacks against organisations such as Travelex, Garmin and Canon serve as a reminder of the very real threat posed by ransomware which can threaten the survival of the business. All ransomware encrypts the targets data and demands a ransom in return for the decryption key – but Netwalker is part of a growing breed that first exfiltrates sensitive data and then threatens to release the data if the ransom is not paid. So even if the victim has the backups and technical ability to recover the lost data, the threat of the data breach may still result in some payment to the criminals.
The developers of Netwalker have also been working to ‘upgrade’ their system – for example they now provide a technical support chat portal via the Tor network and have begun advertising for ‘experienced networking affiliates’ to use their ‘service’ to deploy Netwalker against new targets.
Security Managers responsible for organisations of all sizes can take steps protect their networks from ransomware, including:
- Educating staff to protect against email threats – the most important threat vector for malware attacks against businesses.
- Segment the network to slow or stop the spread of any malware that does infect a device.
- Regularly perform vulnerability scans to identify and fix any weaknesses in the network perimeter.
- Scan incoming email for malware using a Next Generation Firewall
“We were very impressed with the service, I will say, the vulnerability found was one our previous organisation had not picked up, which does make you wonder if anything else was missed.”
Aim Ltd Chief Technology Officer (CTO)