Ransomware becoming dangerous with double encrypting users data
By MYBRANDBOOK
Ransomware groups have always taken a more-is-more approach. Double-encryption attacks have happened before, usually stemming from two separate ransomware gangs compromising the same victim at the same time. But antivirus company Emsisoft says it is aware of dozens of incidents in which the same actor or group intentionally layers two types of ransomware on top of each other.
Emsisoft threat analyst Brett Callow, says, “The groups are constantly trying to work out which strategies are best, which net them the most money for the least amount of effort. So in this approach you have a single actor deploying two types of ransomware. The victim decrypts their data and discovers it’s not actually decrypted at all.”
Some victims get two ransom notes at once, Callow says, meaning that the hackers want their victims to know about the double-encryption attack. In other cases, though, victims only see one ransom note and only find out about the second layer of encryption after they've paid to eliminate the first.
Emsisoft has identified two distinct tactics. In the first, hackers encrypt data with ransomware A and then re-encrypt that data with ransomware B. The other path involves what Emsisoft calls a “side-by-side encryption” attack, in which attacks encrypt some of an organization's systems with ransomware A and others with ransomware B. In that case, data is only encrypted once, but a victim would need both decryption keys to unlock everything. The researchers also note that in this side-by-side scenario, attackers take steps to make the two distinct strains of ransomware look as similar as possible, so it's more difficult for incident responders to sort out what's going on.
Ransomware gangs often operate on a revenue-sharing model, where one group builds and maintains a strain of ransomware and then rents its attack infrastructure to “affiliates” who carry out specific attacks. Callow says that double encryption fits into this model by allowing clients who want to launch attacks to negotiate splits with two gangs that can each provide a distinct strain of malware.
The question of whether to pay digital ransoms is a thorny and important one. And ransomware victims who choose to pay already need to be wary of the possibility that attackers won't actually supply a decryption key. But the rise of double encryption as a strategy raises the additional risk that a victim could pay, decrypt their files once, and then discover that they need to pay again for the second key. As a result, the threat of double encryption makes the ability to restore from backups more crucial than ever.
Singapore to remove One-Time Passwords from Bank Accounts
According to the Monetary Authority of Singapore, clients who utilise secur...
Is 375 million Airtel subscribers database breached?
When a hacker claims to have accessed and put up for sale a customer databa...
The government of India intends to construct a single portal f
A single portal will be launched by the Indian government to list all of it...
OpenAI offers GPT-4o, a faster model available to all users at
GPT-4o, a faster and more sophisticated AI model, is made available to all...
FIRE BOLTT
HIMACHAL FUTURISTIC COMMUNICATIONS LTD.
ALPHAMAX TECHNOLOGIES PVT. LTD.
BHARAT ELECTRONICS LTD.
Icons Of India : CP Gurnani
Former Managing Director and CEO of the well-known IT service company ...
ICONS OF INDIA : RAJIV MEMANI
As Chair of the EY Global Emerging Markets Committee, Rajiv connects e...
Icons Of India : Daisy Chittilapilly
Daisy Chittilapilly is the President of Cisco’s India and SAARC regi...
NPCI - National Payments Corporation of India
NPCI is an umbrella organization for operating retail payments and set...
BEL - Bharat Electronics Limited
BEL is an Indian Government-owned aerospace and defence electronics co...
C-DAC - Centre for Development of Advanced Computing
C-DAC is uniquely positioned in the field of advanced computing...
Indian Tech Talent Excelling The Tech World - Anirudh Devgan , President, Cadence Design
Anirudh Devgan, the Global President and CEO of Cadence Design Systems...
Indian Tech Talent Excelling The Tech World - Lal Karsanbhai, President & CEO, Emerson
Lal Karsanbhai, President and CEO of Emerson, assumed the leadership i...
Indian Tech Talent Excelling The Tech World - AJAY BANGA, President - World Bank
Ajay Banga is an Indian-born American business executive who currently...