Locky ransomware spreads like wildfire - expert comment
March 2016 by Fraser Kyne, principal systems engineer at endpoint security firm, Bromium
The BBC has reported this afternoon that security firms are warning about a sudden "huge" surge in junk mail messages containing ransomware. The surge is being blamed on the group behind the novel strain of ransomware called Locky.
Commenting on this, Fraser Kyne, principal systems engineer at endpoint security firm, Bromium, said:
"Ransomware is a particularly nasty form of malware because, once you are hit with its encryption, your files are toast. Anti-virus can’t do anything to bring those encrypted files back to you. I only expect this trend to continue because it is so effective, and this increase in ransomware highlights the importance of best practices, such as endpoint protection and external data back-ups. Many times, when you are hit with ransomware, it is impossible to get your files back because the payment processing may fail or the encryption keys may not work.
The ransomware trend will only continue if those infected continue to pay the ransom. We cannot encourage this behaviour, so we suggest these ransoms are not paid.
Ransomware will continue to cause significant problems for many organisations, simply because their IT security mechanisms fail to protect them. Modern threats need modern and innovative solutions. It’s not enough to go through a continual ‘pay-up or wipe’ loop as these attacks become ever more popular. We also need to ask ourselves this question: "If we have ransomware that is TELLING us we’ve been hit because it wants our money, what does that reveal about our vulnerability to more convert attacks too?”