Thursday, September 10, 2015
Now even holding your cloud data to ransom is trending
Although we tend to think of ransomware, whereby data is encrypted via malware infection and a 'release fee' demanded to disclose the decryption key, as a consumer-facing threat the news from Kroll Ontrack would seem to suggest that it's something businesses might need to take increasingly seriously as well. The mechanics of the threat have, it would appear, evolved somewhat though. Kroll Ontrack engineers say they have seen a "significant spike" in the number of inquiries regarding data recovery following ransomware attacks on virtual drives, although the actual severity of this increase has not been disclosed to us. Shane Denyer, a data recovery engineer at Kroll Ontrack, confirmed that the company is seeing "a definite move away from attacks that target large numbers of small business or home users" and a move towards "more of a spearphishing approach where individual, larger corporations come under fire." In particular, our attention was drawn to attacks where hackers are said to be deleting virtual drives completely on corporate systems and replicating the data on their own servers. "The first time the companies know about the attack is when they find a note from the hacker where the virtual drives used to be, criticising their security arrangements and requesting payment for return of the data or threatening to sell it on the open market," Kroll Ontrack explains in an emailed statement.