written by
Becca Calloway

FBI: Watch Out for This New Ransomware Group


Digital security has never been more important for your business than it is today, and now a new report from the FBI has businesses scrambling to shore up their cyber defenses.

Ransomware attacks are serious threats to businesses of all shapes and sizes, and the FBI recently warned about a new ransomware group that is taking an especially aggressive approach. The group is called Interlock. Here’s what you need to know.

Meet Interlock

Interlock is a group of cybercriminals that first hit the scene around September of last year. They have made a name for themselves by attacking businesses and infrastructure in the US and Europe, including some fairly high-profile targets.

Their usual attack is built around a threat and a request for ransom. Once Interlock gains control of a business’s systems, they steal sensitive information and then lock the business out via encryption. Next comes the ransom demand: pay up within a few days, or else. If you don’t, your files all end up on the dark web. Not good.

This kind of attack is called a double-extortion attack. First, they extort you by locking you out of systems you need to keep your business running. Second, they extort you by threatening to expose your data to anyone and everyone on the dark web.

No wonder businesses that get caught up in this scheme are paying up!

How They Do It

Interlock employs many of the same tricks we’ve warned about before, like:

  • Fake browser updates
  • Fake security updates
  • Malicious imposter websites
  • Phishing schemes

Basically, they’ll use anything that tricks you into clicking without thinking.

Once they gain access to your systems, they start expanding through those systems. They install malicious tools, surreptitiously copy files, and keep working quietly in the background until they’re ready to launch.

Then, once they’ve gotten control of enough systems and/or data, they’ll launch the public part of the attack, locking you out and demanding payment.

The Damage Is Real. So Is the Risk.

We wish this were all just a bit overhyped, but the truth is worse: attacks like these are real. They happen to businesses of all sizes every single day. And the risks are just as real: many small businesses can’t afford the ransom payment, and even if you pay, there’s no guarantee that the thieves will do what they say they’re going to do.

Just as scary is the operational and reputational damage that can occur. How long can you afford for your systems to be offline before your business may not be able to recover? And on the reputational side, clients trust you to keep their information secure. What will happen to those relationships if you end up causing them lots of additional hardship?

How to Stay Safe (According to the FBI)

The FBI gives businesses sound advice on how to stay safe from ransomware attacks from groups like Interlock. Start with these strategies:

  • Keep systems updated: Out-of-date systems and software leave known vulnerabilities unfixed. Those unfixed vulnerabilities are the easiest way for attackers to compromise your systems.
  • Enable MFA and passkeys: Passwords are too easy to steal, guess, or hack. These additional authentication tools make it far harder for an attacker to get into your systems with stolen credentials.
  • Use cybersecurity hardware and software: The right tools can keep malicious sites and emails from ever loading. (Not sure where to start? We can help!)
  • Segment your network: Larger businesses should invest in segmentation so that a breach in one part of the network doesn’t compromise the whole thing.

Got questions about how to stay safe? Need an assist getting these things implemented? That’s what we’re here for. Get in touch anytime.
