BotNet News

Your source for Online Security News

Ransomware

With attacks on Colonial Pipeline, JBS Foods, and other high-profile organizations making headlines around the world, ransomware is getting the spotlight. Hackers are exploiting security weaknesses to hold the data of companies, governments and healthcare organizations hostage, often demanding tens of millions of dollars in payment.

The ransomware extortion business model is not only lucrative for the attackers but also highly effective in disrupting operations, halting productivity and ultimately driving away customers. This disruption can have a lasting impact on an organization’s financial results, including the cost of recovering from the attack (including reinstalling software, restoring files and addressing underlying issues).

Cybercriminals are continuing to push ransomware to new heights. For example, the latest variant of ransomware – Ryuk – is a sophisticated and targeted threat that requires months to infiltrate networks and begins by encrypting critical files, often using AES and RSA encryption. Ryuk then displays a ransom note demanding a large payment in Bitcoin.

Another variant, Maze, took things to the next level by combining file encryption with data theft. If victims refused to pay the ransom, hackers would publish the victim’s sensitive data online or sell it on the black market.

As cybercriminals continue to innovate and perfect their ransomware attacks, it’s important for all businesses to have a well-thought-out incident response plan in place. This includes isolating infected systems, powering down parts of the network to prevent spread and contacting Federal Law Enforcement when available.