2018 Malware Forecast: ransomware hits the UK hard, continues to evolve

Sophos releases its 2018 Malware Forecast today, and the big takeaway is this: ransomware remains a huge problem for companies and isn’t going away. In 2017, attackers further perfected their ransomware delivery techniques, leading to global outbreaks such as WannaCry, NotPetya and, most recently, Bad Rabbit. The UK was the second highest single country hit, behind the United States.

Though most ransomware is hitting Windows users, it’s clear that people aren’t immune if they use other platforms, including mobile devices. A prime example is the amount of ransomware contaminating Android apps, whether they’re in Google Play or other online sources.

Ransomware from 1 April – 3 October 2017

Ransomware remains a vexing problem for many companies. SophosLabs has looked at the most prolific ransomware families and attack vectors over a six-month period with an eye toward helping those organizations cope.

The statistics below cover the six-month period between 1 April and 3 October 2017. The data was collected using lookups from customer computers.

WannaCry, unleashed in May 2017, was the number-one ransomware intercepted from customer computers, dethroning longtime ransomware leader Cerber, which first appeared in early 2016. WannaCry accounted for 45.3% of all ransomware tracked through SophosLabs, with Cerber accounting for 44.2%.

“For the first time, we saw ransomware with worm-like characteristics, which contributed to the rapid expansion of WannaCry. This ransomware took advantage of an old Windows vulnerability to infect and spread to computers, making it hard to control,” said SophosLabs researcher Dorka Palotay, who specializes in ransomware analysis. “Even though WannaCry has tapered off and Sophos has defenses for it, we still see the threat because of its inherent nature to keep scanning and attacking computers. We’re expecting cybercriminals to build upon WannaCry and NotPetya and their ability to replicate, and this is already evident with Bad Rabbit ransomware, which shows many similarities to NotPetya.”

The Sophos 2018 Malware Forecast reports on the acute rise and fall of NotPetya, ransomware that wreaked havoc in June 2017. NotPetya was initially distributed through a Ukranian accounting software package, limiting its geographic impact. It was able to spread via the EternalBlue exploit, just like WannaCry, but because WannaCry had already infected most exposed machines there were few left unpatched and vulnerable.

The motive behind NotPetya is still unclear because there were many missteps, cracks and faults with this attack. For instance, the email account that victims needed to contact attackers didn’t work and victims could not decrypt and recover their data, according to Palotay.

“NotPetya spiked fast and furiously before taking a nose dive, but did ultimately hurt businesses. This is because NotPetya permanently destroyed data on the computers it hit. Luckily, NotPetya stopped almost as fast as it started,” said Palotay. “We suspect the cybercriminals were experimenting or their goal was not ransomware, but something more destructive like a data wiper. Regardless of intention, Sophos strongly advises against paying for ransomware and recommends best practices instead, including backing up data and installing Sophos Intercept X, which can detect zero-day ransomware within seconds.”

Cerber, sold as a ransomware kit on the Dark Web, remains a dangerous threat. The creators of Cerber make money by charging the criminals who use it a percentage of each ransom they’re paid. The malware is continually refined and updated in an attempt to stay one step ahead of security software. Regular new features make Cerber not only an effective attack tool, but perennially available to cybercriminals.

The trends are captured in the ransomware graphic above.

You can read more on Sophos’ findings via this link, or talk to one of our experts today on 01274 396 213.

Complete IT Systems achieve ISO accreditations

Complete IT Systems Ltd is proud to announce its successful completion of ISO 9001:2015 and the ISO EN 14001-2015 Environmental Management System accreditation, effective August, 2017.

The business has invested more than a year preparing for these accreditations through a rigorous process. This has required examination of all aspects of the company through a series of internal audits designed to ensure that all our processes that could have any environmental impact are properly managed.

In achieving these accreditations, Complete IT Systems Ltd’s main goal is to demonstrate to our customers that we want to be the best at what we do and we are committed to their needs and for managing quality across our operations and programmes. We therefore took the proactive decision to work towards ISO 9001:2015 certification. This not only anticipates the demands of our customers, but also demonstrates a commitment providing quality services to all current and future customers. Our goals focused on the emphasis of quality assurance and fits with our primary goal of aiming to show our customers our quality, every day.

 

An ISO 9001:2015-compliant quality management system:

  • Enables a company to consistently provide products and services that meet customer and applicable statutory and regulatory requirements.
  • Aims to enhance customer satisfaction through the effective application of the system, including processes for continual improvement of the system and the assurance of conformity to customer and applicable statutory and regulatory requirements.

The ISO EN 14001:2015 accreditation demonstrates:

  • Enhancement of environmental performance;
  • Fulfilment of compliance obligations;
  • Achievement of environmental objectives.

 

Throughout the remainder of 2017 and early 2018 we plan to strive to have Complete IT Systems Ltd 100% environmentally friendly using the findings of the internal audits.

Further information:

 

When the Avocor mobile demo suite came to Bradford!

The Avocor mobile demo truck arrived at Complete IT Systems’ offices in Bradford this week, and what a day it was!

Many of our customers and local businesses and schools joined us for the opportunity to see the very latest and greatest in interactive display technology, and to meet the Avocor and Complete IT Systems teams. Guests were treated to a demonstration of the capabilities of the Avocor F range, as well as being able to touch and see for themselves the difference first-hand of Avocor’s Intelligent Touch technology.

Avocor’s innovative solutions give users the opportunity to create and collaborate in creative and engaging ways, and with incredibly accurate and smooth writing experiences as well as precise, clear annotations.

The demo suite also offered the opportunity to see Nureva’s Span software in action – this is a cloud-based solution that creates an impressive digital canvas that everyone can use to share creative ideas and solve problems.

If you would like to see for yourself what interactive display technology could bring to your business or educational environment, please contact one of our Avocor or Nureva specialists on 01274 396 240 or use our online contact form and we’ll get back to you promptly.

 

Stop ransomware in 60 seconds with Sophos Intercept X

The CryptoGuard feature in Intercept X blocks all known ransomware on the planet. It utilises behavioural analysis to stop never-before-seen ransomware and boot-record attacks, making it the most advanced anti-ransomware technology available.

Check out how in this 60-second demonstration:

 

As Sophos Gold Solution Partners, Complete IT Systems can offer you expert advice on the Intercept X solutions and how they could be effectively deployed in your business.

Request your no-obligation free trial via this link or call us on 01274 396 213.