Products and Services PRODUCTS & SERVICES

The ransomware that shows up everywhere but the headlines

Written by
July 20, 2021
Products & Services Privacy Ransomware Sophos Home

The most reported ransomware strain of 2021 so far – accounting for around 71% of the total – is not a headline grabbing, multi-million-dollar ransom threat targeting a large enterprise, but a file-encrypting virus called DJVU or STOP ransomware that targets home users and has more than 290 variations.

It’s important to keep things in perspective and to remember that just because a threat is common that doesn’t make it more dangerous. For example, sophisticated, manually orchestrated ransomware attacks targeting organizations – such as the recent Darkside ransomware attack against Colonial Pipeline or the REvil attack on Kayesa – may be far fewer in number, but they are significantly more disruptive and expensive than their consumer-focused counterparts.

Further, the number of times a particular threat is reported doesn’t necessarily mean there will be many victims.

For instance, many DJVU/STOP attacks arrive via pirated games downloaded from online “cracking” forums, and the proportion of individuals actively hunting for cracked versions of software programs is likely to be fairly small.

However, the fact remains that consumers are a target for ransomware – and for many other cyberthreats. Risk awareness and preventative action are as important for individuals and their families as they are for businesses. Moreover, when it comes to cyberthreats, what you need to do to stay safe from one type of threat can protect you from another too.

The first priority is to understand what the risks are and how vulnerable you, your family and your home devices might be.

New research from Sophos Home reveals that 91% of consumers in the U.S. are concerned about online security threats affecting their households, and they worry most about viruses and malware (60%), identity theft (55%), and financial fraud (48%.)

However, the survey also shows that while 45% are concerned about ransomware threats, only 49% could correctly identify what ransomware actually is. To reduce vulnerability, it is vital that people accurately understand the kind of risks they could face in their everyday digital lives.

The second priority is taking steps to protect yourself from such risks.

For instance, DJVU/STOP ransomware – and many other consumer-focused malware, including so-called “information stealers” – spread disguised as cracked versions of popular software applications.

Gamers browsing for “free” versions of games or gaming-modifications (“mods”) can be particularly vulnerable to such approaches. Young people make up a significant proportion of the gaming community, yet the Sophos Home research found that only half (50%) of parents have added parental controls on devices that their children use, and only 46% regularly run malware scans on household devices – the kind of things that would protect young people from installing pirated software that is in fact disguised malware.

The following list of 10 basic cybersecurity practices are a good place to start:

  1. Set strong, unique passwords for every account and every device – for every member of the family; and don’t forget about securing the home Wi-Fi network too
  2. Install a security solution on all devices
  3. Keep software up to date. If you can, set devices to update automatically so you don’t have to remember
  4. Keep young people’s connected devices secure with appropriate parental controls and content filters – and talk to them about online risks and how to stay safe
  5. Only install legitimate software applications from official online stores, such as the App Store and the Google Play Store
  6. If an incoming email, SMS or IM message looks suspicious for any reason (the language, request etc.) do not open the attachment or click on any link
  7. Never change or override security settings on your computer or smartphone on the say-so of a message you receive from someone you don’t know
  8. Turn on 2FA (two-factor authentication, also known as two-step verification) if you can on any online services that support it
  9. Get in the habit of making backups, even at home. Keep at least one backup offline (e.g., unplugged if it’s a USB drive, or logged out if it’s a cloud service,) so that if you do get hit by ransomware, the crooks can’t scramble your backup at the same time as your live data
  10. The golden rule when it comes to data privacy online: if in doubt, don’t give it out

Further insights from the Sophos Home survey are available in the full report, The State of Consumer Home Cybersecurity 2021.

More tips can be found in the following Sophos security tips articles:

Home delivery scams get smarter – don’t get caught out

Using TikTok? Check out these six security tips

Safer Internet Day: Why not up your game?

Cybersecurity tips for university students

Naked Security Podcast, S3, ep12: a chat with social engineering hacker Rachel Tobac

Naked Security Live: Home Wi-Fi security tips

Home Wi-Fi security tips: 5 things to check

Time for a mobile privacy reset

8 tips to tighten up your work from home network

5 tips for keeping your data safe this World Backup Day

 

 

About the Author

Chester Wisniewski is Director, Global Field CTO at next-generation security leader Sophos. With more than 25 years of security experience, his interest in security and privacy first peaked while learning to hack from bulletin board text files in the 1980s, and has since been a lifelong pursuit. 

Chester works with Sophos X-Ops researchers around the world to understand the latest trends, research and criminal behaviors. This perspective helps advance the industry's understanding of evolving threats, attacker behaviors and effective security defenses. Having worked in product management and sales engineering roles earlier in his career, this knowledge enables him to help organizations design enterprise-scale defense strategies and consult on security planning with some of the largest global brands.

Based in Vancouver, Chester regularly speaks at industry events, including RSA Conference, Virus Bulletin, Security BSides (Vancouver, London, Wales, Perth, Austin, Detroit, Los Angeles, Boston, and Calgary) and others. He’s widely recognized as one of the industry’s top security researchers and is regularly consulted by press, appearing on BBC News, ABC, NBC, Bloomberg, Washington Post, CBC, NPR, and more.

When not busy fighting cybercrime, Chester spends his free time cooking, cycling, and mentoring new entrants to the security field through his volunteer work with InfoSec BC. Chester is available on Mastodon (securitycafe.ca/@chetwisniewski).

For press inquiries, email chesterw [AT] sophos [.] com.

Read Similar Articles

Leave a Reply

Your email address will not be published. Required fields are marked *