The Cryptowall ransomware threat has now reached a critical level, with the FBI deeming it necessary to issue a warning to allow businesses and individuals to take extra care. Ransomware is a type of malware that disables the target’s computer by encrypting the device. If an attack is successful, the device will be locked until a ransom is paid. Only then will the necessary security fix be provided to unlock the device.
There are numerous threats from ransomware, although one variant in particular is causing the most problems: Cryptowall. According to the FBI warning, the number of reported cases of Cryptowall malware in the last two months has reached 992. That figure will now almost certainly be higher as more individuals download the malware. The FBI estimates that the malware is already responsible for causing over $18 million in costs.
The Cryptowall ransomware threat does not appear to be confined to companies storing large volumes of data. Individuals can also be targeted, with the ransom highly variable. The cost of unlocking a device can be as low as $200, although instances where $10,000 has been demanded – and paid – are not unusual. The perpetrators can tell what data is stored on the device and can set a price accordingly.
Cryptowall Ransomware Threat Should Not Be Ignored
Hackers can install malware after they have gained access to healthcare computer networks; however the biggest risk of Cryptowall malware being installed on computers is when users are convinced to download the malware onto their hardware.
Cybercriminals often use spear phishing tactics to get their malware downloaded, either via infected email attachments or links to websites set up to download the malicious software onto the user’s computer. Once that happens, the malware is activated on reboot.
Since the malware must be downloaded it is possible to significantly reduce the Cryptowall ransomware risk by training the staff on how to identify the malware and spot a potential Cryptowall phishing attempt. Restrictions can be placed on the websites that can be visited via healthcare provider computer networks, and anti-virus software can be set to prevent popups and redirects to further reduce risk of infection.
It is important that the staff is alerted to an elevated malware risk and employees must be instructed on the actions they should take if they suspect a phishing email has been received.
Consider sending regular IT security bulletins and issuing best practice guides for dealing with suspect emails, and ensure the staff is aware of the need to report instances of phishing to their IT departments.
Antivirus software should be updated with the latest virus definitions as soon as they are released, and regular scans should be conducted to identify any malware that has managed to get through security defenses.
The best defense against Cryptowall ransomware is to ensure that regular data backups are performed. With no threat of data loss, healthcare providers may not have to pay the ransom.