Apple Ransomware Strikes For the First Time

March 8, 2016 — Leave a comment

foxJust Returned From An Interview With Fox News…Apple Has Been Hit!

Apple has finally been hit by ransomware. Here’s what you need to know…

The reporter had heard things like, Apple can’t be attacked by malware! Wow, is that wrong. True, Microsoft gets hit more often, but there are instances of Apple Malware out there. This is reportedly the first fully-baked ransomware attack on Apple – discovered over the weekend.

The first thing you need to know is, “your prospects think they’re protected by firewalls and passwords”. They’re not.

This attack has nothing to do with either. The only defense, had one of your clients downloaded the BitTorrent Software (Transmission) that was infected, would have been a managed data collecting type security program.

Arctic Wolf, out of Sunnyvale is a great example.  Some UTM firewalls, like Check Point Software, with the appropriate detection functions turned on would also have detected it. And you would have had 3 days to respond, if the technology didn’t block it.

What Software Are We Talking About?

The software is Transmission 2.90.  It’s a peer to peer software client that uses the BitTorrent protocol to move data.

Nearly 50% of the traffic on the Internet today is BitTorrent in some form or another. A lot of it is used for illegal stuff like pirating movies.  But it’s also used by Facebook, Twitter, Government Agencies, Video Game Companies, and more.  It’s only the Transmission version 2.90 that’s a problem, and the Transmission company has already released 2.92.

What’s important here?

It’s the detection / response message. Ransomware has been around for about 10 years. The past three have seen tremendous growth.  Three years ago there were about 100,000 instances reported. Last year that went to 600,000. The biggest ransom paid so far, that I know of, was the $17,000 dollars paid last month by Hollywood Hospital. Lives were at stake, so they paid it.  Most of these attacks target smaller businesses.

Statistically only about 3% of those infected pay, but experts agree that the number is much higher. That’s all that are reported. The hospital, by law, had to report this attack. Many small businesses will pay it and move on.

Your Opportunity Is Now

Get out to your clients now!

They have a couple of days before encryption happens if they’re infected, but chances are they use Microsoft, not Apple, on the desktop.

But even if they don’t use Transmission Software and Apple, it makes sense to recommend an assessment – chances are they have something urgent. You just need a reason to show them.

Remember, scanning isn’t enough. You need some data collection. Move them to UTM Firewalls, add ongoing monitoring services, and remind them, this was Apple and Transmission. Tomorrow it will be Microsoft and something they use every day.  When it hits, no one will be able to save them. They’ll either lose data or pay the fine. The more they pay the fine, the more criminals are going to do this.

© 2016, David Stelzl

 

 

Advertisements

No Comments

Be the first to start the conversation!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s