On September 19th, Barracuda announced that they have been tracking an “aggressive” new ransomware threat. The ransomware attack appears to have originated largely in Vietnam, although other sources have been traced back to India, Columbia, Turkey, and Greece.
This latest attack, following right on the heels of WannaCry and Petya, has been identified by Barracuda researchers as a Locky variant with a single identifier. The significance of the single identifier is worth noting: since there are no unique identifiers for each victim, it’s impossible for the attackers to determine who has paid a ransom and who hasn’t. This indicates that the criminals have no intention of sending decryption keys to the victims who pay the ransom.
We’ve already seen a few businesses in affected by this attack, so we wanted to remind everyone of the importance of a reliable, robust data backup system.
Here’s what you need to know:
These ransomware attacks are mainly coming through via email.
Current reports show that these attacks are coming in the form of spoof emails, usually branded with “Herbalife” logos or disguised as a “copier” file delivery. Though cybersecurity experts are working to stop this attack, the attackers are using randomly-generated payload files to stay ahead of anti-virus updates.
While some businesses are losing days of productivity due to encrypted workstations and servers, our clients who have chosen to protect their data and infrastructure with a reliable backup and business continuity solution are experiencing ZERO downtime. A proper business continuity strategy makes all the difference in these situations, and Datto has proven an essential part of such a strategy.
These unfortunate attacks are becoming more frequent and more difficult to contain. If your business hasn’t already been targeted, we urge you to consider the value of your data and the importance of your network’s integrity. Can you afford to lose days or weeks to a ransomware attack?
You don’t have to.