BotNet News

Your source for Online Security News

Ransomware has become a serious threat to business. It can disrupt supply chains, destroy reputations and even put lives at risk. According to the Allianz Risk Barometer 2022, it is the most common concern among global respondents, beating out concerns about COVID-19, climate change and data breaches.

Ransomware is malware that encrypts files and demands payment to unlock them. It is typically distributed through malvertising and takes advantage of security flaws to get inside an organization. As the threat has matured, organized crime gangs have entered the arena. They have recruited “experts” on the Dark Web and refined the malware to better target companies, steal credentials, and evade detection by anti-malware scanners.

Encryption is either asymmetric or symmetric and attacks can be delivered via network, local or removable drives. Once a file is encrypted, no security software or system restore can recover it unless the attackers release a decryption key. Cybercriminals often demand payment in cryptocurrency (mainly Bitcoin) because it reduces the risk of being caught and allows them to operate anonymously.

Some ransomware variants, like Ryuk, impose large demands and have hit American news outlets and North Carolina’s Onslow Water and Sewer Authority. However, paying a ransom does not guarantee that attackers will not continue to extort money or threaten to make stolen or encrypted data public. And, once an organization has paid a ransom, it paints a target on its back, making the company a more attractive target for future attacks.