BotNet News

Your source for Online Security News


The threat of Ransomware has become a daily reality for companies, with headlines of high-profile attacks against critical infrastructure, hospitals and private businesses grabbing attention on a near-daily basis. Cybercriminals are exploiting a growing number of vulnerabilities to gain access to systems and hold data hostage in return for a ransom payment. And as hackers continue to sharpen their skills, the amount of ransom demanded continues to rise.

Ransomware typically works by encrypting files and then displaying an unreadable message, often with instructions on how to pay for decryption keys. Depending on the type of malware, attackers may also threaten to publicize compromised data. This form of cyber extortion has been around for more than three decades, starting with the notorious AIDS Trojan Horse that Harvard biologist Joseph L. Popp sent on infected floppy disks to attendees of an AIDS conference in 1989.

There are many ways that ransomware can get into a network, with variants of the software being sprayed across the internet via spam email, downloaded from malicious pages and dropped by exploit kits onto vulnerable systems. Once a computer is infected with Ransomware, it can quickly spread throughout the network to lock down or encrypt files and prevent users from accessing them.

Once a company’s data has been encrypted, it is almost impossible to recover without access to the encryption key held by the attacker. That’s why it is so important for decision-makers to have a strong incident response plan in place, and to be sure their insurance carrier is aware of any attacks so they can evaluate the risk for coverage in case of the need to pay a ransom.