Cybercriminals are making a great deal of money by selling your PII on the dark web and those who purchase the data use it in identity theft. Your PII can be used to file false tax returns, open lines of credit or to make fraudulent purchases under your name. This is just a few examples of what cybercriminals can do with your PII. The price for pieces of your PII has come down significantly over the last two years. In late 2015 Trend Micro reported that the price for PII has dropped from $4 to $1. There are supply and demand economics at work in the criminal world, too.
It doesn’t seem like cybercriminals are making a lot of money at $1 per record when you are considering just your own PII. However, cybercriminals are infiltrating large companies like Anthem and stealing millions of records at a time. Millions of records stolen at even $1 a record is a large sum of money. Cybercriminals can make more money selling PII from one major breach than you have probably earned in your lifetime. Not too bad for a day’s work.
Why Signature Based AntiVirus Solutions Fail to Detect Crypto Ransomware
What is interesting about Trend Micro’s report "Dissecting Data Breaches and Debunking the Myths" is their finding that the main reason for a data breach is not due to cybercriminals at all but in fact a product of the user. 41 % of data breaches were the result of a user losing or having their device stolen, while 25% was due to hacking and malware.
It’s important that companies scrutinize and secure the sensitive information that is stored on their employee’s devices like mobile phones, laptops, and flash drives. If any of these devices are lost or stolen, they become an easy way to steal data.
It is true that so far ransomware variants have encrypted data and held it ransom. Having PII stolen in a ransomware attack has not happened yet, but we at WatchPoint believe that is the next evolution of ransomware. We recently highlighted Sextortion and how cybercriminals are using explicit videos and images to extort money from individuals. Once the cybercriminals have copied your data offsite, they can demand a ransom over and over again.
At WatchPoint, we believe the next variant of ransomware will encrypt your data locally and in addition, will use exfiltration to copy your data offsite and hold it for ransom. If cybercriminals exfiltrate PII, they can collect the ransom from you to decrypt the data and further profit from selling the PII on the dark web.
There are a number of things you can do today to protect your PII. I recommend all businesses who collect and store customer PII to read the DHS guidelines for dealing with PII.
Thoroughly Inspect All Emails Received
Ransomware attacks are primarily delivered through email campaigns where the cybercriminals spoof a fax delivery, bank statement or utility bill. Clicking on the link or attachment starts the crypto ransomware infection, and the end user doesn’t even know they are infected until after the ransomware has encrypted their data. Only after the data is encrypted do you get at least two pop-up messages with the ransom demand.
Encrypt Data on Devices
Do not transport any data that contains PII unless that device has been encrypted. Do not remove sensitive PII from the workplace unless instructed by a manager. Never leave sensitive PII in hard copy unattended and unsecured.
Use Two-Factor Authentication
Two-Factor Authentication is an excellent security mechanism that adds another layer to your complex passwords already in use. With Two-Factor Authentication, a user not only has to provide their password but they also need to input another component which is usually something that the user knows, something that the user possesses or something that is inseparable from the user. For example, you might use a product like Google Authenticator. After supplying your account password, you will get prompted for a six digit code supplied by the authenticator app. The App generates a new and unique random code every 30 seconds.
In this 2-minute video, learn how our proprietary anti-ransomware technology can protect your most critical asset, your data. Check out the CryptoStopper.io FAQ to learn more.
More Reading for Your Enjoyment