Have you considered what would happen to your business if you were locked out and couldn’t access any of your files?
The FBI has just released a warning about that exact frightening scenario. The ransomware group responsible for this new alert is called Interlock.
You may not have heard of them, but here’s what you need to know…
They are fairly new, only appearing in September 2024. In this short time, they’ve made a name for themselves by going after businesses and infrastructure across the globe.
And Interlock is all about the money. They break into your systems, silently steal sensitive information, then block access by encrypting everything. Finally, they send you a ransom demand, usually with a short deadline (about 4 days) in which you need to pay, or they dump all your files on the dark web for anyone to see.
This ‘double-extortion’ method is becoming quite common with ransomware groups, but Interlock is more aggressive than most.
They employ some smart tactics to break in. Such as fake browsers or security updates, booby-trapped websites, and other tricks to get you to click without thinking. Once they’re in, they move through your network, dropping malicious tools to let them spy, steal passwords and eventually lock down all your files.
They don’t favour specific systems either. They go after Windows and Linux machines, meaning most business could be a potential target.
You may be thinking, what does this mean for my business. This is something bigger companies need to worry about. Since these are the stories, we see in the news. In reality, small and medium businesses are considered easier wins as they tend to have smaller budgets for security, making them prime targets.
Imagine losing access to your critical day-to-day systems, your client files, or your financial data. Even if you’re able to minimise downtime and recover, the reputational damage could be just as costly.
So, what should you do?
The FBI says:
- Do not give attackers the opportunity to exploit old flaws by ensuring that systems are patched and up to date.
- Use multi factor authentication wherever possible. It’s the easiest way to block them in most cases.
- Use web filtering and firewalls to keep malicious sites out.
- Create segments in your network. So, if one goes down, the whole business is not affected.
- Invest in security tools that can detect and stop suspicious behaviour before it spreads.
Cyber security preparedness is about acting now to minimize the chances of dealing with the aftermath of an attack later. The FBI doesn’t issue warnings like this lightly. Interlock will likely be around for a while, so if you’re due to review and upgrade your security, now may be the time.
Leave a comment!