Cyber Criminals Take Down Canadian Company
Last weekend, and unnamed Canadian firm was hit with ransomware. IT World Canada reported, the ransomware was able to infiltrate the system by worming its way through vulnerabilities found in the company’s Windows operating system. The malicious software took down the company’s databases and wiped out all of their backup data. The cyber criminals then demanded a ransom payment of $425,000 to decrypt the files. The company, who will remain nameless for confidentiality purposes, agreed to pay the ransom. The only contingency the company put in place was, before the payment was made, the hackers had to prove they had the decryption key. Although not confirmed, it is assumed they did so, since the firm forked over nearly half a million dollars.
This isn’t the first major payday hackers have seen this year. Just last month a South Korean business paid just over $1 million USD to regain access to their servers after ransomware encrypted them.
Prevention is Key
These two attacks are prime examples of how pricey the bill can be if hit with ransomware. This merely drives the importance of preventing ransomware attacks, instead of preparing for what to do after they occur. Although, disaster recovery plans are important, the real focus needs to be on prevention. Unfortunately, many security companies are not keeping up with today’s cyber threats. Instead of transitioning to a whitelist security solution, which treats all unknown files as unsafe until proven otherwise, they continue using an archaic blacklist method. The blacklist treats unknown files as good, allowing them to execute, until proven bad. At that point, it is already too late.
To learn more about blacklist protection compared to whitelist protection, check out this infographic.