A single cybercrime group may be collecting all the revenue from CryptoWall 3 according to a new report from the Cyber Threat Alliance, which has issued its recommendations to businesses on how to keep secure.
The Cyber Threat Alliance is an industry group whose co-founders include Fortinet, Intel Security, Palo Alto Networks and Symantec.
Their report, Lucrative Ransomware Attacks: Analysis of the CryptoWall Version 3 Threat, says more than US$325 million was gained from CryptoWall 3, which appeared earlier this year, including ransoms paid by victims to decrypt and access their files.
The report says 406,887 attempted CryptoWall infections were recorded, with the hundreds of millions of dollars damage wrought by the ransomware spanning hundreds of thousands of victims across the globe.
Earlier this week, virtual private network and managed services provider BCT reported that an increasing number of Australian companies have fallen victim to the new strain of Cryptolocker in recent months.
The Cyber Threat Alliance says there are steps organisations can take to lessen their risk of falling victim to CryptoWall v3 and other forms of advanced malware.
- Ensuring your operating systems, applications and firmware are updated with the latest versions of the software.
- Understanding typical phishing techniques and how to thwart them, such as by not opening email from unknown email addresses or attachments of certain file types.
- Keeping web browsers updated, and turning on settings to disable browser plugins, such as Java, Flash and Silverlight, preventing them from running automatically.
- Reviewing access and security policies within corporate networks to limit access to critical infrastructure from systems and users who don’t need it.
Joe Chen, Symantec vice president of engineering, says the Cyber Threat Alliance’s first major target is ransomware threats like CryptoWall which are growing at an alarming rate and holding critical business and consumer data hostage.
Derek Manky, Fortinet global security strategist, says the explosion of connected devices and our reliance on digital platforms has created an environment that is both empowering and creating new ways for adversaries to penetrate networks.
“Managing this risk is a shared responsibility,” Manky says. “We need to step forward and not wait for the adversary to make the move first.
“When we grow our collective intelligence across all sectors, we can better combat advanced threats, deploy security controls to counteract the latest moves and deliver greater security for our customers and all organisations.”