Written by Cytellix - an IMEC cybersecurity partner
There has been a lot of recent news and discussion about several malware variants that have been defined as ransomware attacks. There are and have been other damaging malware attacks, but ransomware popularity is currently very well publicized.
Ransomware attacks are not simple but are commonplace in the market today. These attacks typically find their way into an organization through social engineering. To be more specific, the malware is embedded in an attachment as an executable. There are several outcomes from ransomware that we have seen thus far: an individual machine is encrypted and the decryption key is held for ransom by the attacker and a currency request of a “Bitcoin” is requested to decrypt the machine in question. The nastier variants can traverse from machine to machine through the network, creating a systemwide infection. This attack causes severe networkwide shutdowns, causing an organization to recover through more significant ransom payments, or if the company was prepared, backup remediation steps are taken.