BotNet News

Your source for Online Security News

Ransomware has come a long way from its humble beginnings as a worm that encrypted files and required payment in order to return them to their owners. It now infects and steals digital assets, encrypts them, and then forces computers to use their computing power for cryptomining so that cybercriminals can generate virtual currencies from the stolen data and cash out via bitcoin or other methods.

The ransomware craze is growing exponentially, and it’s not just large enterprises that are vulnerable. Attackers are targeting small and medium-sized businesses, which often have less robust cybersecurity than larger organizations. They’re also targeting the Internet of Things, where cybercriminals can hold connected homes and cars hostage and demand a ransom to unlock them.

Cybercriminals can gain entry to your network in a variety of ways, including phishing email attachments, compromised websites that exploit known vulnerabilities, and unpatched software. Once inside the network, ransomware can spread from computer to computer via file sharing, instant messaging, and even removable USB drives. Once on a system, it can take advantage of common exploits to gain administrative access or hide in the background until victims open or execute a malicious payload.

Many companies that have paid a ransom say they did receive a decryption key, but criminals aren’t in the business of keeping their word. And it’s not uncommon for the encryption process itself to corrupt some files beyond repair, so that even a good decryptor can’t recover them. Plus, complying with a ransom demand can give attackers valuable information about the organization that they can use to target it again in the future.