BotNet News

Ransomware is a type of malware that, once it has infected your organization’s computers or servers, locks your files and documents. Then, it demands a payment to regain access to them. Often, attackers select organizations to target because they seem more likely to pay. For example, universities often have smaller security teams, and medical or law firms might feel compelled to pay in order to keep the details of an attack quiet. Other times, attackers use software exploits and flaws or cracked passwords to gain entry into the network before they begin hunting for systems to infect.

Once cybercriminals began to realize that ransomware could be an effective way to extort money from their victims, they turned the malware toward businesses. This is because, when attacks hit an enterprise, they can halt productivity and put revenue at risk. They are also more difficult to clean up, since the attackers can access and hold data indefinitely.

Since then, the malware has evolved to become more sophisticated. It has been combined with cryptomining, a form of digital mining that uses computer processing power to generate cryptocurrency. And it has even been used to target Internet of Things (IoT) devices, allowing attackers to hijack them and hold them hostage.

The good news is that if you can isolate the infected machine and disconnect it from the network and other devices, some variants of ransomware may be decrypted without paying a ransom. However, you should still make sure to back up your encrypted files on removable media.