Spam

More spam than ever flooded email inboxes in 2016. Spammers continued to evade filters by using one or more of the thousands of newly created domain extensions.

In 2013, the Internet Corporation for Assigned Names and Numbers (ICANN), began releasing new top-level domains such as .money, .sport, .accountants, .marketing, .music, .biz, .trade, .click, .zip, .science and more. The new domains represented the biggest update to the internet since the first set of top-level domains (.com, .org, .net, .edu, .gov) were launched  in 1984.

Unfortunately, the new domains quickly become abused by spammers. This, for example, is exactly what happened with .info shortly after its release – it become tainted and promoted for spam purposes.

Ransomware

An article published last year in Info Security Magazine, posited that 2016 will be “the year of ransomware.”

There were many instances of ransomware in 2016, including the case of the Hollywood Presbyterian Medical Center. The hospital’s network ground to a halt after hackers breached the system in early February and held it for ransom. Ultimately, the hospital gave in to demands and paid 40 bitcoin ($17,000) to regain control of its network.

Ransomware can be spread by fake email, ads or downloads, and typically falls into two main categories: “locker” and “crypto.” In both cases, you must pay the ransom to regain control of your device or data.

  • Locker programs leave your data untouched but keep you from accessing it on your device. Examples include Winlocker.
  • Crypto programs allow access to your device, but encrypt the files. Examples include the very prolific CryptoLocker (2013) and its many variants that continue to flourish today.

First appearing in 1989, ransomware has since become more sophisticated, harder to break and extremely lucrative for the perpetrators. Some of our Future Link IT clients were affected by ransomware in 2016 – we hope you were not one of them.

The best defense against ransomware is to regularly back up your data and test your backup system at least once a year. In addition, continue to be wary about clicking on email attachments, even from friends (whose computers may themselves be infected), or downloading applications from any but the best-authenticated sources.