The Qlocker ransomware gang are hitting businesses across the world with various phishing attacks, as they leverage companies for monetary gain.
Network storage experts QNAP found several of its Network Attached Storage (NAS) systems were compromised by the ransomware. This caused a number of back up storage devices to be impacted, with users’ data encrypting and ransoms issued. QNAP quickly distributed emergency patches to solve the situation, but the problem was that the patches needed to be updated by each user. Neuways has heard anecdotally from affected users who have lost around 2.5 TB of their data due to the fault, while it is believed that the cyber criminals behind the hits made around a quarter of a million pounds in a month of running the malware. This is just the latest incident in a number of ransomware hits, as the overall number of ransomware incidents surges over the last year.
During this incident, QNAP NAS device owners discovered that their files were replaced by password-protected zipped archives. An additional ransom note on the device explained that their files were encrypted and they needed to visit a Tor site to pay a ransom in order to retrieve their data.
The ransom price was set at 0.1 bitcoin (around £395), but the success rate of their attacks meant that the Qlocker ransomware gang were able to benefit with such a large amount of cash once the attack had concluded. Some victims were even forced to pay an additional 0.2 bitcoin after the initial payment, before they were given access to their files back.
Of course, by having to pay for their files, a business marks themselves out as being susceptible to these cyber attacks. It tells cyber criminals that they are a viable target and ripe for being scammed as they were willing to pay the ransom fee. This information often circulates around cyber criminal circles as they prepare to attack their next targets.
The good news was that the attack was shut down eventually, and the Tor payment site was taken down. The bad news? Well the victims who have their data encrypted now have no way to retrieve their data.
The way forward for businesses is to ensure that their Business Continuity and Disaster Recovery plans are up-to-date so that they are not in this difficult position in the future. Neuways’ dedicated BCDR plans are bespoke for each customer. By utilising the experience and knowledge of its experts, Neuways’ solutions can help businesses to save money by maintaining access to its data and remaining operational at all times.
Downtime is expensive, with the average incident costing UK businesses around £250,000 per hour. By following data management procedures, such as the rule of three, incidents such as the Qlocker ransomware hits will not disrupt a business. By saving data in three different locations, on-device, a centralised location and off-site, there are three opportunities to continue working from, should a cyber attack, natural disaster or theft occur.
This places businesses more comfortably in the event of a cyber attack. Sure, it will still be a stressful time, as any kind of breach isn’t good for businesses to have to deal with. But, at the end of it, 96% businesses with a BCDR plan in place were able to survive a cyber attack, which is a great way to counteract the threat of cyber criminals, such as the Qlocker ransomware gang.
