Ransomware and Watering hole strategy

Symantec Internet Security Threat report 0f 2015 has provided some interesting insights into the current trends in threats and vulnerabilities in the Cyber space.

One of the interesting findings of the study is the raise of ransomware as a major threat.

Ransomware is malicious software that locks and restricts access to infected computers. The malicious software then displays an extortion message using a social engineering theme that demands a ransom payment to remove the restriction.

In 2014, the ransomware attacks more than doubled from 4.1 million in 2013 to 8.8 million (approximately 24000 per day). The file encryption attacks leading to ransom demands expanded from 8274 in 2013 to a whopping 373,342 in 2014 showing a nearly 20 times jump in the threat. The actual ransom demands on an average was around US$ 1000 to 2000. However, since we have seen ransom demands of upto $5 million in India during the last year, it can safely be said that if the victim is a corporate entity, the damage could be significant.

Yet another point worthy of noting is the use of watering hole strategy for distributing the malware. This strategy plants the trojans in a popular website such as that of a news paper which is both respected and also has high traffic. (The name is taken from the strategy used by hunting animals which wait near water resources in a forest and catch their prey). The downloaded trojans are used for identity theft and other malicious purposes. The advantage of such watering hole attacks is that in corporate networks which maintain restricted internet access, the popular sites may be provided access and hence can reach out to the employees.

The threats analysed in the report give directions to the information security managers to check the effectiveness of their controls. The study also provides some guidelines on best practices which are a good starting point to evaluate the security systems of user organizations.

Naavi

Print Friendly, PDF & Email

About Vijayashankar Na

Naavi is a veteran Cyber Law specialist in India and is presently working from Bangalore as an Information Assurance Consultant. Pioneered concepts such as ITA 2008 compliance, Naavi is also the founder of Cyber Law College, a virtual Cyber Law Education institution. He now has been focusing on the projects such as Secure Digital India and Cyber Insurance
This entry was posted in Cyber Law. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.