The first thing the victim sees is the creepy image of Billy the puppet from the horror film “Saw” on their computer screen, warning them that they have 24 hours to pay up or their now-encrypted files will be deleted:

Source: Trend Micro

The so-called JIGSAW ransomware is the latest twist in the disturbingly rampant ransomware trend, malware infections that lock the victim out of their files and demand payment in Bitcoins – or the files get deleted. What sets JIGSAW apart from other ransomware attacks, besides its horror-flick riff, is the very tight deadline for ransom payment. And akin to how a thriller builds on suspense, fear, and horror, JIGSAW builds pressure on the victim with multiple warnings to pay the ransom or lose his or her data. “JIGSAW is forcing the hand of the [victim] organization so they are not going to be able to look at backups” or other options to retrieve their data, says Michael Davis, CTO of CounterTack. “It’s forcing them to pay up immediately and sooner” than other ransomware, he says. Trend Micro researcher Jasen Sumalapao describes it as an exponential attack. “Recent crypto-ransomware families have ransom amounts that grow as time passes, but not with the same increments as JIGSAW. To make matters worse, it deletes a larger amount of files with every hour while the amount to be paid also increases,” he said in a blog post today. “And with the exponential increase of files being permanently deleted, users may be pressured into paying the ransom so they may either save the remaining files, or avoid paying a larger ransom.” The ransom starts anywhere from $20 to $250. JIGSAW, aka BitcoinBlackmailer.exe, appears to have been created on March 23, and was first used in attacks a week later. According toresearchers at Raytheon’s Forcepoint Laboratories, the author uses the file extension ‘.FUN.’ Fear is a big component of the success of most ransomware attacks. Victims feel trapped and panicked, especially if they don’t have good backups of their data. So many relent and pay the ransom; but there’s still no guarantee they’ll see the data. According to new data from the Ponemon Group, just 38% of organizations have a plan or strategy for handling a destructive malware attack like ransomware or other data destruction methods, and that’s down from 43% last year. Davis, whose company commissioned the Ponemon study, says the drop reflects a reality check as ransomware became more destructive and pervasive. “There was a little overconfidence last year,” he says. “Ransomware didn’t have the effect then that it had at the end of 2015 and in early 2016.” The data, which is part of the 2016 State of Endpoint Report, shows how most organizations just don’t have the capability to defend or prepare for a ransomware attack. “This is showing that access control is not [happening] in organizations,” he says. One user getting infected with ransomware shouldn’t end up bringing an entire organization to its knees, he says. More than half of organizations consider ransomware one of the most harmful attacks today, behind zero-day attacks were number one  (71%); followed by distributed denial-of-service (DDoS) attacks (68%); and exploiting an existing vulnerability (53%). Gain insight into the latest threats and emerging best practices for managing them. Attend the Security Track at Interop Las Vegas, May 2-6. Register now! According to Trend Micro’s research, JIGSAW infects machines via a file they download from a free cloud storage service called 1fichier[.]com. This isn’t the first time the cloud storage provider has inadvertently hosted malware, either, but the malicious URLs have since been removed from their site. Porn sites also are spreading the ransomware, and JIGSAW uses a different threat for those victims with the message: “YOU ARE A PORN ADDICT.STOP WATCHING SO MUCH PORN. NOW YOU HAVE TO PAY.” JIGSAW, like many ransomware variants, is not sophisticated nor does it contain any new features that haven’t yet been seen in this type of malware. It’s more about the psychological fear factor, researchers say.

The post New Ransomware Riffs Off Horror Film first appeared on Favorite Office Automation.

The post New Ransomware Riffs Off Horror Film appeared first on Favorite Office Automation.

Amid federal and state bills written to weaken computer security by mandating backdoors that bypass encryption, IT pros are alarmed at the prospect of security made insecure, according to a report released Tuesday by IT services firm Spiceworks.

In a survey of 600 IT professionals from North America, Europe, the Middle East, and Africa, Spiceworks found that 87% said they believe backdoors increase the risk of a data breach.

As an individual identifying himself as Dave Ohlendorf explained in the Spiceworks forum, “ANY backdoor — no matter who knows about it, can and likely will be reverse engineered and end up in the wild where it will get into the hands of ‘very bad people.'”

This view has been echoed by cryptography experts such as Matthew Green, assistant professor in the department of computer science at Johns Hopkins University. As Green put it in a tweet earlier this year, “The problems with encryption backdoors come up when you try to scale them from an idea to something that affects millions of people.”

The Athens affair, in which the Vodaphone phone network in Greece was compromised over a decade ago, is often cited as an example of the problem with backdoors.

Backdoors in encrypted systems can make life easier for law enforcement agencies, but they impose a potential cost on businesses. Simply put, compromised security has become a tough sell. Some backdoors are put in place deliberately, as a matter of administrative convenience. Others, like thebackdoor in Juniper’s NetScreen firewalls, are supposedly unauthorized. Either way, they’re generally not welcome.

(Image: Maksim Kabakou/iStockphoto)

Spiceworks separately surveyed 220 IT pros about how awareness of a backdoor in a company’s products might affect that company’s sales prospects. The firm found that 65% of IT pros would be less likely to buy from a company known to install backdoors in its products. Only 20% said a history of backdoors would have no impact when considering a purchase.

Given reports about the NSA’s ability to access networking equipment from Cisco, Dell, Huawei, and Juniper, not to mention a supposedly inadvertent backdoor in a MediaTek phone chip used for some Android phones, it may be difficult to avoid products with backdoors or vulnerabilities that could become backdoors.

Nevertheless, some businesses see value in declaring their commitment to encryption, even if their execution remains imperfect. Apple, for example, has taken a public stand against the US government’s attempt to force it to undo its encryption for the convenience of investigators. And more recently, consumer messaging providers like WhatsApp and Viber have committed to end-to-end encryption.

Gain insight into the latest threats and emerging best practices for managing them. Attend the Security Trackat Interop Las Vegas, May 2-6. Register now!

According to a separate Spiceworks security report released in December 2015, more than 80% of businesses experienced some form of security incident last year and 27% of the 200 IT pros surveyed planned to increase spending on encryption in 2016.

In the report that was released Tuesday, more than half of those surveyed (57%) said they believe that network or device encryption had helped their organization avoid a data breach.

Encryption has become common on networks. Some 47% of Spiceworks respondents said they encrypted data in transit to laptop and desktop computers. But encryption is less common on mobile devices like tablets (35%) and smartphones (40%). It’s also less common for data at rest: laptops/desktops (36%), tablets (25%), and smartphones (28%).

Still, some organizations don’t see the value of encryption. According to the IT pros surveyed, 16% of organizations don’t enforce encryption across any devices or services.

The post IT Pros Fear Encryption Backdoors first appeared on Favorite Office Automation.

The post IT Pros Fear Encryption Backdoors appeared first on Favorite Office Automation.