AtomBombing: When Ransomware Goes Nuclear

It seems that just as soon as a new electronic device is rolled out promising better cyber protection and faster network speeds, cybercriminals design and deploy a new ransomware attack. After making updating your device, it's as little as a week later that you're directed to make another update to address the bugs and issues in the original coding.

After having just introduced "bring your own devices" in your office, anyone who hasn't followed up on updates or been careful about clicking iffy links can potentially open up your system to an uninvited guest: the cybercriminal.

With the Dridex Banking Trojan update, your small business' network is at a greater risk of cybercrime. Known as AtomBombing, the new Trojan update makes it nearly impossible for security software to detect the Dridex Banking Trojan. If ever your small business needed cyber coverage before, now is the time.

The Dridex v4 Dilemma

Found to be targeting financial institutions, researchers from IBM X-Force have found multiple instances in the U.K. of Dridex activity. According to ThreatPost, it's only a matter of time before it hits the United States.

In a statement released by X-Force and published by ThreatPost, "over the long reign of Dridex v3 (the older version) [there have been] significant changes implemented into the malware's operations, such as modified anti-research techniques, redirection attacks and fraudulent M.O. changes. It is not surprising to see a new major version released from this gang's developers."

Dridex v3's ransom coding was easy to spot, freeze out or build cybersecurity updates around. By reinforcing Dridex v4 with AtomBombing code, the Trojan attack can bypass cybersecurity details.

According to Security Intelligence, researchers of Dridex v4 have learned that the ransomware's creators have designed their own injection method; this makes it more difficult for cybersecurity software to understand and recognize the malicious software. In developing code that makes it difficult for cybersecurity services to detect, cybercriminals are able to infiltrate systems undetected. Once in your system, the cyber crooks can steal log-in credentials, PIN numbers, banking numbers and other personally identifiable accounts.

With this new form of ransomware hitting the market and your small business' current cybersecurity practices, would you be safe, or does your cybersecurity need ramping up?

Small Business Cyber Protection
50 percent of small businesses in the U.S. have been the targets of cybercrime. PropertyCasualty reports that data breaches are largely caused by employees working from home from an unsecured network or an infected device.

When an employee brings their infected device to work and logs on to the small business' network, they are then putting the company's network at risk; this is exactly what the cybercriminal wants to happen.

To protect your small business from a cyber data breach, insist that employees can only use the equipment offered by the office and cannot access their email or other work-related files from home. If they must, they are to use the work-provided VPN.

To make sure all your costs are covered should you get hit with an attack, be sure to get a BOP insurance plan along with a cyber insurance policy.

© 2016-2020 CyberPolicy, Inc. All rights reserved. CyberPolicy®, "Plan. Prevent. Insure."™, and "CyberCheckup"™ are trademarks of CyberPolicy, Inc.
DBA: CyberPolicy Insurance Solutions CA License No. 0L13180
DBA: CoverHound Insurance Solutions CA License No. 0H52375