Analysts have observed that ransomware attacks have doubled yearly since the start of the COVID-19 pandemic, which restricted people’s movements and led to more work-from-home policies. A lack of cybersecurity awareness and protective measures has allowed hackers to carry out these attacks consistently and with ease against large companies and small firms across all industries. TechTarget states that ransomware payments, on average, have increased by 43% from the last quarter of 2020.
For those unaware: in a ransomware attack, cybercriminals access and steal an organization's sensitive data. A ransom then has to be paid to the hacker group; otherwise, the company cannot access the data, which may even be leaked to the public.
With ransomware attacks on the rise, it is essential to know the various types of ransomware and the precautions that help keep you from falling victim to them.
Maze ransomware was discovered in 2019 and has since been used to target high-profile victims such as Cognizant, Canon (allegedly), Xerox, etc. It became notorious for its unique practice of posting victims' sensitive information publicly using a variety of methods.
Maze encrypts the files it steals from victims and keeps them locked unless a ransom is paid. Should the ransom not be paid on time, the files are published on the internet for the world to see. Even if the authorities later have those files removed, the damage to the company is already done.
REvil is a form of ransomware in which the victim’s files are encrypted, and a message is sent requesting payment in Bitcoin in exchange for the files. If the amount is not paid on time, then the ransom required doubles.
REvil is infamous for targeting multiple celebrities, such as Robert De Niro, Drake, Mariah Carey, Rod Stewart, and Elton John, collecting their sensitive information and uploading it to the dark web. In addition, legal documents concerning a Madonna tour and computer files from other musicians like Bruce Springsteen, Bette Midler, and Barbra Streisand were leaked.
Ryuk ransomware relies on other malware to infect a system. It uses the same tactic of blocking access to the victim’s files via encryption until a ransom is paid. However, the key difference is that it utilizes robust, military-grade algorithms such as RSA and AES to encrypt files, using a different key for each execution.
Ryuk targets large corporations and government agencies as the ransom demanded in exchange is often an astronomical amount. EMCOR, a Fortune 500 company, has fallen victim to this ransomware in the past.
Tycoon ransomware is a recent form of malware written in Java and spread using a trojanized version of the Java Runtime Environment. It is known to target Windows and Linux devices using ImageJ, which is a Java image format.
This ransomware attacks by infiltrating accounts that are protected by weak or compromised passwords. Although its victim numbers are low at the moment, it has been seen attacking several organizations in the education and software industries.
NetWalker (also called Mailto) is a new form of ransomware that breaches the network of its targets and encrypts all Windows devices connected to it. It uses an embedded configuration and has been known to target a variety of individuals and organizations, from healthcare to government agencies.
It spreads by using a VBS script present in phishing emails and executable files spread through networks.
How Can Ransomware Attacks Be Prevented?
There are a few simple but effective steps that businesses and individuals can take which will go a long way towards preventing them from being the next victim of a ransomware attack:
- Conduct Cyber Awareness sessions and train employees to be prepared for cyberattacks.
- Use strong passwords and avoid using repeated passwords.
- Keep backups of sensitive data on offsite data centers.
- Avoid opening any suspicious emails or links.
- Update system software and plug-ins as soon as possible.
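The NetWalker delivery route described earlier (a VBS script in a phishing email, or an executable file) is one a mail filter can check for before a user ever sees the message. The following is an added example, not part of the original article: the function names, the extension list, and the sample message are all assumptions constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Script and executable extensions to block (an assumed list; tune it to your policy).
RISKY_EXT = {".vbs", ".vbe", ".js", ".jse", ".wsf", ".hta", ".ps1", ".bat", ".exe", ".scr"}

def risky_name(name):
    """True if the name ends in a risky extension; also catches 'invoice.pdf.vbs'."""
    name = name.lower().rstrip(". ")  # Windows ignores trailing dots and spaces
    return any(name.endswith(ext) for ext in RISKY_EXT)

def scan_message(raw):
    """Return a sorted list of risky attachment names, looking inside zip archives."""
    msg = message_from_bytes(raw, policy=policy.default)
    hits = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        data = part.get_payload(decode=True) or b""
        if risky_name(name):
            hits.append(name)
        if data[:4] == b"PK\x03\x04":  # zip magic bytes: do not trust the extension
            try:
                with zipfile.ZipFile(io.BytesIO(data)) as zf:
                    hits += [f"{name}!{m}" for m in zf.namelist() if risky_name(m)]
            except zipfile.BadZipFile:
                hits.append(f"{name}!<unreadable zip>")
    return sorted(hits)

def build_sample():
    """Constructed message: a harmless text file named like a script, inside a zip."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("report.pdf.vbs", "' constructed placeholder, not a real script")
        zf.writestr("readme.txt", "hello")
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = "a@example.com", "b@example.com", "Invoice"
    msg.set_content("See attached.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="invoice.zip")
    msg.add_attachment(b"plain notes", maintype="application",
                       subtype="octet-stream", filename="notes.txt")
    return msg.as_bytes()

if __name__ == "__main__":
    for hit in scan_message(build_sample()):
        print("quarantine:", hit)
```

Password-protected archives still list their member names, so the check works on them too; an archive that cannot be read at all is flagged rather than passed through.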