Cyber Security and Information Systems Information Analysis Center
Ransomware is computer malware that installs covertly on a victim's device and that either mounts the cryptoviral extortion attack from cryptovirology that holds the victim's data hostage, or mounts a cryptovirology leakware attack that threatens to publish the victim's data, until a ransom is paid. Simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse, and display a message requesting payment to unlock it. More advanced malware encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them. The ransomware may also encrypt the computer's Master File Table or the entire hard drive. Thus, ransomware is a denial-of-access attack that prevents computer users from accessing files since it is intractable to decrypt the files without the decryption key. Ransomware attacks are typically carried out using a Trojan that has a payload disguised as a legitimate file.
Ransomware incidents are on the rise, specifically due to expanding and complex network configurations. Not only are the incidents costly, monetarily and timewise, but also lead to long-term impacts on the nation's critical infrastructure. This CSIAC video podcast describes some best practices that can assist in preventing incidents on a network and mitigate Read More
Ransomware incidents are on the rise, specifically due to expanding and complex network configurations. Not only are the incidents costly, monetarily and timewise, but also lead to long-term impacts on the nation’s critical infrastructure. The Cybersecurity & Infrastructure Security Agency (CISA) defines critical infrastructure as the physical cyber Read More
According to a report published today by US cyber-security FireEye, 76% of all ransomware infections in the enterprise sector occur outside working hours, with 49% taking place during nighttime over the weekdays, and 27% taking place over the weekend. Read More
Cybercriminals have been busy lately trying to exploit the coronavirus for their own malicious purposes. As such, the spread of COVID-19 has led to an increase in phishing emails and other malware designed to entrap people looking for information about the virus. A new type of ransomware known as CovidLock encrypts key data on an Android device and denies Read More
Through the analysis of collected ransomware bitcoin wallets and ransom notes, the FBI states that victims have paid over $140 million to ransomware operators over the past six years. Read More
The Cybersecurity and Infrastructure Security Agency (CISA) today alerted organizations across all critical U.S. infrastructure sectors about a recent ransomware attack that affected a natural gas compression facility. Read More
Nothing encourages ransomware attacks like victims who pay up. Read More
Hackers used Ryuk ransomware to infiltrate computer networks at a marine transportation facility, causing an outage of roughly 30 hours, the U.S. Coast Guard said in a recent security advisory. Read More
The FBI has issued a warning to the private industry of cyber attacks involving the LockerGoga and MegaCortex Ransomware. Read More
The conference, held at Carnegie Mellon University in Pittsburgh, saw organizations from computing giant IBM to consulting firm Kroll share what they've learned from tracking attackers and helping victims recover from ransomware. Read More
