BotNet News

Ransomware is a type of malware that attacks your network and locks all of the data across your devices. The cyber criminal then demands a payment for a decryption key to return your files, sometimes demanding tens of millions of dollars. Attackers use phishing emails and social engineering techniques to get users to click malicious attachments that introduce the ransomware variant onto their device. From there, the malicious software searches for and encrypts valuable files before spreading to other devices and systems within your network.

Once cybercriminals get ahold of your data, no security software or system restore can return it to you without their untraceable bitcoin payments. This is why it’s so important to make sure you have backups of your entire digital environment — separate from your centralized network — and that they are regularly tested for recovery.

Often, attackers will target organizations by first using Emotet or TrickBot, information stealing Trojans that infect targets before delivering the nefarious Ryuk ransomware to them. Once the malware slithers into a network, it will look for opportunities to spread, which typically includes opening ports and accessing shared files.

Ransomware attacks have made headlines this year – from Colonial Pipeline to the meatpacker JBS and the largest ferry service in Massachusetts. Cybercriminals are taking advantage of security weaknesses to extort tens of millions of dollars from companies and municipalities alike, and there’s no sign that they’ll slow down. In fact, it’s now more profitable for attackers to focus on large companies rather than individual users, which is why they continue to increase their attack rates and escalate their demands.