
Malware Protection

Blog Post – Cring Ransomware

In April, Sapphire threat intelligence resources identified a sophisticated ransomware campaign utilising the Cring malware and leveraging a vulnerability (CVE-2018-13379), identified in 2019, that affects Fortinet VPN servers. The vulnerability allows a threat actor to connect to the VPN appliance with no authentication and download session files containing usernames and passwords in clear text.

Though a patch for this vulnerability has been available since it was discovered, a list of known public-facing devices that were still vulnerable began to circulate on dark web forums in late 2020. The primary targets of these attacks have been industrial enterprises located throughout Europe, with at least one attack resulting in the temporary closure of a production site.


Frequently Asked Questions on Malware Protection

1. What is malware?

Malware is short for malicious software. It is a catch-all term for any piece of software with nefarious intent designed to act on an organisation’s endpoints and networks.

2. What are the most common types of malware?

Common types of malware include:

  • Worm – A worm is a piece of malware that self-replicates, spreading to other users and devices in a way designed to achieve specific ends. Propagation can be either high-volume and fast, or quiet and stealthy.
  • Trojan – A catch-all term for a piece of malicious software that works in the background to achieve malicious ends.
  • Ransomware – A piece of software that encrypts the victim’s data to block access until a ransom has been paid.
  • Spyware – Often otherwise known as a key-logger, spyware captures screenshots, keystrokes and other sensitive data.
  • Adware – Once downloaded, adware will unexpectedly show advertisements on the user’s computer.
  • Botnet – A group of devices that have been infected by malware.

3. How do enterprises protect against malware?

  • Focus on employee awareness programmes to increase vigilance
  • Install next-generation anti-malware solutions and EDR
  • Carry out regular simulated attacks to test the response and follow up with training and awareness
  • Back up regularly
  • Ensure that patching and software upgrades are carried out as soon as they have been verified and tested, in line with guidelines and what is practical for your business