BotNet News

Ransomware has become the favorite weapon for criminal hackers and it’s no wonder. It is one of the easiest ways to make money and the consequences are relatively minimal compared to other cyber crimes.

Cyber criminals typically attack organizations like hospitals, schools and businesses where there is a lot of data that they can steal and/or encrypt. They then demand a payment in cryptocurrency in order to unlock or retrieve the files. Often the attacker will threaten to leak or release the information if the victim does not pay. This is referred to as “extortion malware.”

Some of the more prominent ransomware attacks include Colonial Pipeline, JBS USA, Nvidia, Travelex and Ireland’s national health service. Ransomware attacks can also cause major outages and even shut down critical infrastructure.

Most ransomware attacks begin with a vulnerability that has been discovered and exploited by threat actors. This could be a misconfigured server, an unpatched software flaw or even social engineering techniques. Small and medium-sized businesses are common targets because they tend to have poorer cybersecurity than large organizations. They can also be a low-hanging fruit for attackers who are looking to build their reputation and then target larger organizations with more assets.

Security professionals should have an incident response plan in place in the event of a ransomware attack and train their employees to recognize the signs of an illegitimate email or website link. In addition, platforms like Cortex XSOAR can help automate the incident response process to isolate the user and prevent them from accessing sensitive data.