Be Wary of New Triple Threat Chimera: Ransomware, Extortion and Data Breach

By CIOReview | Friday, November 13, 2015

TAMPA BAY, FL:  On the verge of the release of version 4.0 of Crypto Wall ransomware, brand new crime ware called Chimera poses a triple threat of ransom ware, extortion and a possible data breach. KnowBe4 encourages IT pros to train users with new school security awareness training as an essential line of defense.

The problem of ransomware isn’t getting better. Recent examples of wide-spread ransomware attacks, including Coin Vault, Crypto Locker, and others indicate that cybercriminals are increasing their use of these types of attacks.  So, what is ransom ware?  It is a type of malware used as a digital mechanism for extortion. It is a type of software to block access to a computer system until a ransom is paid. Ransom ware can take different forms, but in its essence it denies access to a device or ­less until a ransom has been paid. There is a new flavor of “extortion ware” has surfaced, named Chimera, that combines ransom ware with a threat to publish any files on the internet if they are not paid the ransom.

Typical ransomware software uses RSA 2048 encryption to encrypt ­less. Just to give an idea of how strong this is, an average desktop computer is estimated to take around 6.4 quadrillion years to crack an RSA 2048 key.

The average consumer and both large and small businesses can be victims of ransomware.  Its attack is typically delivered via an email that includes an attachment that could be an executable file, an archive, or an image. Once the attachment is opened, the malware is deployed on the user’s system. A ransom ware attack goes through stages from the time it installs on your computer to the appearance of the ransom warning on your screen.

To overcome this ransom ware problem KnowBe4 delivers ‘new-school’ Kevin Mitnick Security Awareness Training combined with set-it-and-forget-it simulated phishing attacks for an extremely effective user education program.  KnowBe4 believes that threats like this which are not detected with security software can be stopped dead in their tracks by creating a strong security culture within an organization and giving employees the tools and training to become a human firewall.

The FBI has noted it is the perfect time to reflect on the universe of cyber threats and for organizations to do their part to protect against these threats. In response to this, KnowBe4 is giving away the Kevin Mitnick Home Internet Security Course through a link on their website. The password is Knowbe4. IT Managers can pass along the link to as many of their family and friends as they like. The only caveat is the training expires December 31st.