BotNet News

Your source for Online Security News

Ransomware

Ransomware is malware that encrypts files or takes control of an entire network, rendering them inaccessible until a ransom is paid. This type of malware is one of the fastest growing cyber threats and can impact businesses of all sizes.

Often, attackers will display a lock screen on the victim’s device or network indicating that all files have been encrypted and a deadline for payment is approaching. Victims are then prompted to pay the ransom, usually using cryptocurrencies like Bitcoin, which makes it impossible for victims to reverse the transaction and regain access to their data. Attackers also frequently delete backup and shadow copies of files to prevent victims from restoring the data without paying the ransom.

Many cybersecurity experts recommend that victims of ransomware not pay attackers, as this just perpetuates the monetary incentives for hackers. However, the reality is that most victims do not have an alternative. The time needed to restore from backups or pay the ransom can cost a business thousands in productivity and lost revenue, and even when organizations successfully pay an attacker, they do not always receive the decryption keys necessary to restore their data.

Whether an organization has been attacked with a vintage ransomware variant such as Petya or a more modern malware program like Ryuk, it’s important to report the attack to law enforcement. Not only does this help them develop decryption systems to combat the threat, but it also ensures that the attack isn’t forgotten and becomes a repeat offense.