Ransomware on the Rise

Researchers have seen a 3,500% increase in ransomware attacks recently. This is no surprise, as a few developments have helped spur the growth:

It works!
There have been a few stories in the news recently where enterprises have given in to ransom demands to get parts of their network back.

Payment Methods
Bitcoin cannot be traced to a particular bank (where the transactions can be reversed), so the attackers now have a convenient method of payment.

Work From Home!
I don’t think Romanian or Chinese hackers are terribly worried about the repercussions of ransoming a hospital in California.

As always, make sure you have off-site backups and that your security infrastructure is in place.


The Specificity of Stuxnet

This post references an old (and great) article in Wired about Stuxnet. I went back and re-read it and was struck by the specificity of the virus:

“Stuxnet targeted used the Profibus standard to communicate. They also noticed that the virus searched for a specific value — 2C CB 00 01 — before deciding to attack its target PLC.”


“Stuxnet was targeting a facility that had 33 or more of the frequency converter drives installed, all operating at between 807Hz and 1,210Hz.”

It’s not surprising that Stuxnet was designed to specifically NOT attack just any facility using Siemens PLCs; that would be disastrous to the world economy (think about that for a second). But whoever designed it (Israel or US tech teams) had specific insider knowledge of the Iranian nuclear facilities. Do you think the Iranian government worries about that?

How Digital Detectives Deciphered Stuxnet, the Most Menacing Malware in History