Cybersecurity News: Ransomware as a Service

Updated: May 20, 2020

It’s hard to take two steps in today’s internet without running into the concept of software-as-a-service, or SaaS. It’s a pervasive software model in which a provider hosts the software on their own servers, then distributes it over the internet to customers. It’s no surprise that this widely successful approach has spread to the world of ransomware… most notably Cerber.

Cue the Hackers

Taking cues from SaaS, Cerber’s creators license their ransomware to other cybercriminals in exchange for a percentage of the revenues their attacks generate. If ransomware has already infected your files, and if you haven’t made any recent backups, you’ll need another way to get your data back. While many other forms of ransomware have been decrypted — with decryptor tools available online for free — there is currently no Cerber ransomware decryptor. Without a backup, you’ll need to wait until cybersecurity researchers crack Cerber’s encryption algorithms and release a decryption tool. Don’t delete your encrypted files! And one more time: Never pay the ransom, because there’s no guarantee that you’ll get what you’re paying for. Ransomware is only a threat if the files on your computer are the only copies you have. You can easily sidestep the entire situation by performing regular backups of your files. The best defense against ransomware is prevention, because once your files are encrypted, it’s often too late to get them back. A cybersecurity professional may help but it's best to practice anti-ransomware tips to keep your important data safe from cyberattackers and their malware.

Protect Yourself

Here are actions you can take to guard yourself and your business from cybercrimes, like “RaaS.”

1. Back up your computer.

Perform frequent backups of your system and other important files, and verify your backups regularly. If your computer becomes infected with ransomware, you can restore your system to its previous state using your backups.

2. Store your backups separately.

Best practice is to store your backups on a separate device that cannot be accessed from a network, such as on an external hard drive. Once the backup is completed, make sure to disconnect the external hard drive, or separate device from the network or computer.

3. Train your organization.

Organizations should ensure that they provide cybersecurity awareness training to their personnel. Ideally, organizations will have regular, mandatory cybersecurity awareness training sessions to ensure their personnel are informed about current cybersecurity threats and threat actor techniques. To improve workforce awareness, organizations can test their personnel with phishing assessments that simulate real-world phishing emails.

4. Update and patch your computer.

Ensure your applications and operating systems (OSs) have been updated with the latest patches. Vulnerable applications and OSs are the target of most ransomware attacks.

5. Use caution with links and when entering website addresses.

Be careful when clicking directly on links in emails, even if the sender appears to be someone you know. Attempt to independently verify website addresses (e.g., contact your organization's helpdesk, search the internet for the sender organization’s website or the topic mentioned in the email). Pay attention to the website addresses you click on, as well as those you enter yourself. Malicious website addresses often appear almost identical to legitimate sites, often using a slight variation in spelling or a different domain (e.g., .com instead of .net).

6. Email security.

Open email attachments with caution. Be wary of opening email attachments, even from senders you think you know, particularly when attachments are compressed files or ZIP files.

7. Information Security.

Keep your personal information safe. Check a website’s security to ensure the information you submit is encrypted before you provide it.

8. Verify email senders.

If you are unsure whether or not an email is legitimate, try to verify the email’s legitimacy by contacting the sender directly. Do not click on any links in the email. If possible, use a previous (legitimate) email to ensure the contact information you have for the sender is authentic before you contact them.

9. Inform yourself.

The best internet security is to keep yourself informed about recent cybersecurity threats and up to date on ransomware techniques. You can find information about known phishing attacks on the Anti-Phishing Working Group website.

10. Use and maintain preventative software programs.

Install antivirus software, firewalls, and email filters—and keep them updated—to reduce malicious network traffic.

Source: Department of Homeland Security