Enterprise Ransomware
"Treat ransomware like online terrorists"
Enterprise ransomware, aimed at medium to large sized organisations, is currently on the rise. Cases of governments and organisations being forced to pay the ransom frequently appear in the news.
Enterprise-wide ransomware attacks such as Ryuk, BitPaymer and MegaCortex are just some of the more well-known threats to organisational cyber security. Unlike traditional ransomware attacks, which are purely automated and aimed at attacking as many machines as possible, enterprise-wide attacks are manual, planned, specifically aimed at the organisation being attacked, and timed to achieve maximum impact.
Let’s talk more about the different types of major enterprise ransomware, their impacts and the best pro-active measures that can be undertaken in order to improve security against these kinds of attacks.
Ryuk:
Pronounced ‘Ree-Yook’ (for all the non-Death Note anime fans), it attacks the system by shutting down a long list of existing processes and services within the organisation.
Ryuk is at the top of the list of the most dangerous ransomware attacks in the world. Ryuk accounted for a ransom demand of $12.5 million, the highest in 2020.
The group behind this attack is very well known for demanding 5 or 6 figure ransoms.
MegaCortex:
Another dangerous ransomware attack, first identified in January 2019. This strain of ransomware deploys a mixture of manual and automated components to infect devices in large corporations. Its main capabilities include theft of information, file encryption and the disabling of user access rights.
BitPaymer:
BitPaymer is a ransomware attack that affects mid to large sized organisations, which are able to pay higher ransom demands than their smaller counterparts. These attacks are highly targeted in nature and the payments are usually much higher than in the average ransomware attack ($1M +).
BitPaymer encrypts Apps and Program Files along with the organisational data. They are notorious for their ability to cover their tracks.
Proactive measures:
- Lock down remote management.
- Back up regularly and ensure that a recent backup copy is always kept offline and onsite.
- Monitor proactively, 24 x 7.
- Constantly review and upgrade your cyber security configurations and deployment.
- Educate your workforce on the best cyber security practices.