BotNet News

In the realm of cyber threats, few have progressed and impacted so quickly as Ransomware. Wade Baker, collegiate associate professor of integrated security at Indiana University and co-founder of the cybersecurity think tank Cyentia Institute, has been at the forefront of studying this rapidly growing menace. He shares insights about ransomware, its evolution and how organizations can prepare themselves.

Ransomware is malware that, when activated by a malicious link or attachment, encrypts files and data on a computer so that it cannot be accessed until a ransom payment is made. Once cyber criminals encrypt your files, they are gone and no antivirus or system restore will recover them. In addition, many types of ransomware also delete backup and shadow copies of files to make recovery without the decryption key even more difficult.

Once ransomware gains access to a system, it can spread from victim to victim by using vulnerabilities like those exploited by the WannaCry and NotPetya attacks. Some ransomware variants are careful to only target specific folders and files, while others indiscriminately encrypt everything on the system. In either case, the results are the same: no security software or system restore can retrieve encrypted files until the ransom is paid.

Attackers have their sights set on a variety of sectors, including educational institutions, which are often considered low-hanging fruit because of lax cybersecurity measures in place. Hospitals and healthcare providers are also a frequent target. Supply chains are also emerging as an attack point, as demonstrated by the July 2021 ransomware attacks on Kaseya, a vendor of a popular remote management monitoring solution.