Onion: the biggest cyber threat since CryptoLocker

Just as we thought we'd seen the worst of ransomware in the form of CryptoLocker, a new, even more damaging virus has been uncovered.

Onion encrypts and ransoms files in a very similar way to CryptoLocker. It makes its way into a network through seemingly legitimate phishing emails and then encrypts files, giving users 72 hours to either pay a ransom fee or face losing them forever.

This particular virus is made even more treacherous by the fact that it uses the anonymous dark-web network Tor to hide its malicious identity. Onion transfers data, payment information and decryption keys through command and control servers within the hidden network, making it significantly more difficult to trace where the virus originated and to stop it.

Senior security analysts are saying this is one of the "most technologically advanced encryptors" they have seen to date. The same architecture has been seen in the past in malware targeted specifically at the banking sector, but it has never been seen on this scale.

As with CryptoLocker, our advice for dealing with ransomware remains three-fold:

Keep up to date

Stay up to date with the latest developments in spyware. Knowing what to look out for is half the battle. If you recognise a suspicious email as a threat, the whole security incident is avoided. Also, make sure your antivirus software is up to date as this can help to contain the majority of threats.

Back up your business-critical data offsite

If you do get caught out by malware, backups can be your saving grace. Be careful, though: if you don't catch the virus in time, you might unintentionally back up the encrypted files and lose your copies of the unencrypted data. Backup systems that support versioning will allow you to roll back to previous, unaffected copies.
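
The risk above, a backup job overwriting good copies with encrypted ones, can be checked for before the job runs. This Python example is added here and is not from the original article; it compares a manifest of the last backup against the current files and holds the job when many known files have changed into near-random data. The thresholds, function names, file names and sample data are assumptions constructed for illustration.

```python
import hashlib
import math
from collections import Counter

ENTROPY_LIMIT = 7.5   # bits per byte; assumed cut-off for "looks encrypted"
HOLD_FRACTION = 0.5   # assumed: hold the job if half the known files flipped

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty input)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def manifest(files: dict) -> dict:
    """Map each path to (sha256, entropy); stored alongside every backup run."""
    return {p: (hashlib.sha256(b).hexdigest(), entropy(b)) for p, b in files.items()}

def flipped(prev: dict, cur: dict) -> list:
    """Paths whose content changed AND went from ordinary to near-random."""
    return sorted(
        p for p, (digest, ent) in cur.items()
        if p in prev and digest != prev[p][0] and prev[p][1] < ENTROPY_LIMIT <= ent
    )

def should_hold_backup(prev: dict, cur: dict) -> bool:
    """True when enough known files flipped that overwriting is unsafe."""
    return bool(prev) and len(flipped(prev, cur)) / len(prev) >= HOLD_FRACTION

def _noise(seed: int, size: int = 4096) -> bytes:
    """Constructed stand-in for ciphertext: deterministic pseudo-random bytes."""
    return b"".join(hashlib.sha256(bytes([seed, i])).digest() for i in range(size // 32))

# Constructed sample data: last night's snapshot, and today's after encryption.
LAST_NIGHT = {
    "docs/report.txt": b"Quarterly report draft. " * 200,
    "docs/clients.csv": b"name,email,phone\n" * 300,
    "media/logo.zip": _noise(1),  # compressed files are high entropy already
}
TODAY = {
    "docs/report.txt": _noise(2),
    "docs/clients.csv": _noise(3),
    "media/logo.zip": LAST_NIGHT["media/logo.zip"],  # unchanged, so not flagged
}

if __name__ == "__main__":
    print(should_hold_backup(manifest(LAST_NIGHT), manifest(TODAY)))
```

A held job leaves the previous version intact, which is the copy a versioned backup system would roll back to.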

Communicate

Communicate the security risks throughout the company. All it takes is one employee opening an infected attachment for your whole business to be in trouble. Have clear policies in place for risk management, and make sure your team is clear about the recommended procedures to follow in the case of a breach. As well as helping to prevent attack in the first place, this can help to get incidents under control quickly, reducing the amount of damage caused.

Read how a leading recruitment agency beat the CryptoLocker virus earlier this year.