Ransomware and Ransomware Incident Response
A ransomware attack can threaten the availability of critical information, disrupt operations and limit access to business applications. Attackers target a variety of industries and organizations, from hospitals to governments to education.
Cybercriminals are evolving their ransomware. They have introduced variants that encrypt more files, impose larger ransom amounts and demand multiple payments. They have also added features such as countdown timers, which encourage victims to pay quickly, and infection routines that enable the ransomware to spread widely across systems and servers. In addition, they are experimenting with new tactics and techniques, such as distributing malware through affiliates under a ransomware-as-a-service (RaaS) model, to increase their profits.
Attackers know that many businesses are willing to pay a ransom to regain control of their systems. As a result, they have singled out these businesses as ideal targets for ransomware attacks. Moreover, a company that pays a ransom is likely to be targeted again in the future because it has signaled its willingness to pay.
Hospitals must prepare for ransomware attacks by recognizing the threats and their impacts, updating their cybersecurity and enterprise risk management practices to align with this elevated threat level, and communicating the nature and seriousness of the attacks to staff, business partners, public policy organizations, law enforcement agencies and legislators.
A well-practiced incident response plan is essential. It should include steps such as isolating affected systems and devices, powering down aspects of the system, deleting or wiping data on infected machines, blocking C&C domains, deploying high-priority security patches and contacting law enforcement.