BotNet News

As ransomware evolves, it will likely move beyond targeting individual computers. Instead, cyber criminals may target networks or infrastructure like the industrial robots used in manufacturing or the sensors that run today’s smart cities.

Ransomware attacks are typically launched by phishing, vulnerability exploitation and compromising remote access protocols. Once attackers gain a foothold in the targeted system, they focus on understanding what they can access locally and on gaining access to other systems and domains – a process called lateral movement.

During this phase, hackers typically hide the files on the computer by encrypting their file names. This encryption prevents users from recovering their files without paying a ransom. Once the encryption is complete, attackers present a ransom note in the form of a text file or a changed background image on the victim’s screen.

Cybercriminals are aware that businesses depend on their computers to manage critical data, perform essential operations and communicate. This is why businesses remain a favorite target of ransomware cyberattacks. If a business cannot function, it can lose revenue and its customers can be put at risk.

Government agencies and schools are also increasingly becoming targets for ransomware attacks. Attacks against government agencies can impact missions, disrupt public services and pose national security risks. In addition, the recent WannaCry attack hit dozens of hospitals and medical facilities around the world. Attacks against schools can interrupt student learning and erode teacher morale. Regardless of their size, all organizations can be vulnerable to ransomware. Educating employees on the warning signs, including suspicious external links and questionable file attachments, is critical. Additionally, regular patching and updating software and operating systems can help reduce the likelihood of an attack.