Articles about Ransomware

The second quarter of this year has seen two of the largest recorded cyber attacks in WannaCry and NotPetya, and the latest quarterly report from Panda Security reveals there's been an increase in unknown threats too.

PandaLabs analyzed attack data collected from all devices protected by one of Panda Security's solutions and discovered a 40 percent increase in attacks from unknown threats from the previous quarter.

Continue reading →

Ransomware is often considered a somewhat low-stakes annoyance: in most cases, the data itself doesn’t leave the network and public operations aren’t compromised. NotPetya changed the game -- it’s shown us the potential of how wildly damaging ransomware infections can be from here on out. It can feel like science fiction at times, but is now utterly reasonable to consider any data or device with a CPU and memory on your network as something that can be held hostage by ransomware.

Ransomware has proven to be a lucrative endeavor: more and more central and important systems are being targeted. Cryptolocker targeted family photos. Later variants somewhat indiscriminately encrypted any user file they had access to -- and last month, we saw NotPetya locking out machines entirely.

Continue reading →

Ransomware victims have paid more than $25 million in the past two years to get their data back, a new study by Google has shown.

The report, made by researchers at Google, Chainalysis, UC San Diego, and the NYU Tandon School of Engineering, followed the trail of cryptomoney through the blockchain, allowing researchers to get a birds-eye view of the ransomware world.

Continue reading →

A new study from anti-malware specialist Malwarebytes reveals that UK users are most likely to pay up if hit by ransomware.

The study of over 1,000 companies across the US, France, UK, Germany, Australia, and Singapore reveals that 56.9 percent of UK businesses surveyed opted not to pay the ransom, and 46.2 percent lost files by not paying. In comparison, 84.1 percent of French businesses surveyed opted not to pay the ransom, and only 24.5 percent lost files.

Continue reading →

In recent months we've seen high profile ransomware attacks target many businesses, and we've seen cyber criminals making greater efforts to target their victims.

A new study from endpoint protection company SentinelOne and De Montfort University has been looking at how social engineering tactics are used by cyber criminals to manipulate and elicit payments from victims.

Continue reading →

The ransomware attacks that make the news are the ones like WannaCry and NotPetya that spread rapidly and affect many businesses.

But there's a new breed of manual ransomware attack happening that seeks to pick its victims much more selectively with a view to causing maximum disruption. We spoke to Roy Fisher, incident investigator at cyber security company MWR to find out more.

Continue reading →

On June 27, reports of a rapidly spreading ransomware attack started to emerge from Ukraine. The speed at which critical infrastructure networks were shutting down pointed to a ransomware application with a wormable component, whose virality called to mind the WannaCry ransomware. In less than three hours, the infection crippled banks, ATMs, public transport and an airport, as well as utilities provider Kyivenergo. Then it spread outside the Ukraine.

As multiple critical infrastructure networks reported major blackouts, Bitdefender started an internal investigation over isolated malware samples to trace the attack’s origin and better understand what it targeted, and how.

Continue reading →

Recent high profile ransomware attacks including WannaCry and NotPetya have highlighted the fact that often the time organizations take to recover is just as damaging as the attack itself.

Network visibility firm Portnox is aiming to tackle this with the launch of Rapid Ransomware Response and Control as part of its suite of network access control (NAC) systems.

Continue reading →

The Petya ransomware -- and several variants -- wreaked havoc with data around the world, but now the author of the original malware has released the master decryption key.

Janus Cybercrime Solutions has provided a key that work with all "official" variants of Petya (meaning NotPetya is not included). The key was released to -- of all places -- Mega, and its authenticity has been verified. While Petya has already been cracked, the key offers the fastest and most reliable decryption method yet.

Continue reading →

Police in the Ukraine have seized the servers of Intellect Service, a company supplying accounting software, as part of their investigation into the NotPetya ransomware attack.

A malicious update to Intellect's MeDoc accounting package is believed to have been responsible for some of the initial NotPetya infections.

Continue reading →

Ransomware is barely out of the news these days. We had WannaCry wreaking havoc not so long ago, and now it’s the turn of Petya/NotPetya. And those are just two of the better-known threats; there are plenty more forms of ransomware out there which, while maybe not as prevalent, can have just as devastating an effect.

If you’re concerned about the threat of ransomware, which is easily one of the nastiest forms of malware out there, we have a selection of ebooks and whitepapers you can download for free which will give you all the knowledge you need to avoid becoming a victim, and which can help you recover from an infection.

Continue reading →

With ransomware hitting the headlines at the moment thanks to the Petya/NotPetya attack, a timely new report from cloud data protection specialist Druva reveals it's becoming a ubiquitous global threat affecting enterprises large and small and devices of all types.

The survey of more than 800 companies shows that over 80 percent of respondents report ransomware attacks are on the rise and that half of businesses hit by ransomware have been attacked multiple times.

Continue reading →

The ransomware attack we reported yesterday may have begun in the Ukraine, but it spread rapidly across Europe and has now hit companies in Australia and the US including pharmacy giant Merck.

A variant of the Petya ransomware now being dubbed 'NotPetya', it spreads initially by phishing emails and once on a system the ransomware demands $300 in bitcoin. When it's installed on one system behind a firewall it's able to spread rapidly to others on the same network.

Continue reading →

Companies, government departments and airports in the Ukraine have been hit by ransomware this afternoon and the attack now appears to be spreading across Europe.

In Ukraine, government departments, the central bank, a state-run aircraft manufacturer, Kiev airport and the metro network have all been hit. In the UK, the advertising company WPP says its systems have also been taken down, and Danish transport company Maersk reports sites and business units shut down by the attack.

Continue reading →

The cost of a ransomware attack can be pretty substantial. Businesses that are not well prepared are looking at lost revenue from downtime and massive damage to their reputation, not to mention a pretty hefty ransom bill as well.

For web hosting company Nayana, that was $1 million. Nayana, which is based in South Korea, had 153 of its Linux-based servers infected by the Erebus ransomware on June 10. The attack affected roughly 3,400 customers that relied on its services for hosting websites, databases and multimedia content.

Continue reading →