Ransomware is getting more dangerous – and it impacts Calgary and Alberta businesses multiple times a day.
Randsomware groups are now paying ‘finders fees’ for individuals to help them gain access and hold computer systems ransom.
If you don’t know what ransomware is: Malicious software is installed on your computer(s) or network which ‘locks’ you out of your data. If you want access to your data back: you have to pay the ransomer (anywhere from thousands to hundreds of thousands, or more – dependant on the value of your data).
How does affiliate-based ransomware work?
- An individuals who have access to systems or networks can offer that access.
- A hacking group or cybercriminal gang completes a successful ransomeware attack, locking those systems until the ransom is paid.
- Once paid, the individual or group who supplied the access gets a bounty or comission for their efforts.
- Very often the individual or group supplying the access is a contractor, employee, or associate (or sometimes an ex-associate) who still has some level of access.
- This is why having a cybersecurity, backup, and modern IT infrastructure is critical to your business operations.
One of the main “organizations” offering a bounty for ransomware attacks is called LockBit.
What is LockBit?
LockBit is a cybercriminal gang that operates using a ransomware-as-a-service (RaaS) model.
- LockBit offers its ransomware services to individuals or groups to use as an affiliate model.
- Any ransom payments gained from a LockBit attack are divided between the customer directing the attack and the LockBit gang.
- The individual or group is only paid a bounty/commission after a successful attack.
Why should I care?
Malicious ransomware hackers are not going away. Their targets have been from big companies to smaller organizations. If a hacker finds a weakness in a company’s defences they will try to exploit it.
Best practices suggest not to pay the hackers, but depending on the severity – sometimes this is not an option. Also: The majority of Ransomware victims that pay are hacked again at a later date.
What should you do?
Firstly, ensure that your IT department has a robust backup system in place for all computers, servers, and devices on your network.
Next, you need to ensure you have a ransomware response plan in place. Not only does it help you maintain control of a very stressful and challenging situation – but it will save you thousands (if not hundreds of thousands) of dollars.
Britec manages all such plans for it’s clients – so we recommend starting with your IT partner (or department). We talk more here about How to recover from a Ransomware attack.
Need help regarding Ransomware?
Contact Britec. We can help you with your Ransomware issues.