Brilliance Security Magazine, May 21, 2020, Article by Willy Leichter, Virsec
Ransomware attacks make news nearly every day – they are the fastest-growing malware threat targeting organizations and users. COVID-19 has worsened the threat landscape further, taxing resources in compromised areas like healthcare, critical infrastructure and essential businesses even more.
All organizations in every sector should be taking steps to protect themselves. Sophisticated malware developers continue to take ransom attacks to new levels. These two ransomware attacks below use methods that incorporate a disk wiper function – particularly destructive to the entire system.
- LockerGoga ransomware - Hackers disable a computer’s network adapter. After they’ve changed the user’s admin passwords, the attackers log the computer off the network so that it’s impossible for the admins to get back into their systems.
(See our articles on LockerGoga: Through a $40M LockerGoga Cyber Attack, Norsk Hydro Keeps its Good Reputation, Fights Back & LockerGoga Ransomware Slams Industrial Firms in Europe with Devastating Impact)
- MegaCortex ransomware - Combines attack activity that includes both malicious encryption (with ransom demands) and disk wiper actions against victims. If victims don’t pay the ransom, they not only lose their data, they could lose their entire operating system.
(See our articles on MegaCortex: MegaCortex (See MegaCortex Ransomware Worsens — Hackers Change Users’ Passwords & Make Blackmail Demands & MegaCortex Malware Strikes Business Networks, Does Damage Both as Ransomware and Disk Wiper)
If an organization suffers a hit from either of these attacks, not only do they have to deal with salvaging their lost data, they must also restore their OS and rebuild their entire system.
Ransomware Attacks Can Be Avoided--With the Right Proactive Steps
To avoid these attacks, it’s crucial to be able to detect the threat in each step before it occurs and address it with web attacks, command injections, deploying ransom tools, and encryption. However, if you do find yourself the target of a ransomware attack, it’s important to know how to respond.
Read Willy Leichter’s guidance on how organizations can protect themselves from ransomware.