cyber trends
CYBERATTACKS IN THE FORM OF
RANSOMWARES ARE EVOLVING IN
THE GLOBAL PANDEMIC SITUATION.
SUBHALAKSHMI GANAPATHY, PRODUCT
EVANGELIST, MANAGEENGINE, EXPLAINS
HOW THESE NEW RANSOMWARE WORK.
ith the spread of
W
the Coronavirus
disease
(COVID-19)
around the world,
cybercriminals
are leveraging
the fear and uncertainty that’s prevailing
around the pandemic and launching
unscrupulous ransomware attacks on
healthcare institutions that treat infected
patients and also run tests for the
COVID-19 vaccination.
In the past, ransomware attackers
operated in a specific way by locking
down the system and demanding a
ransom for the decryption key. But the
situation is fast changing. Let’s take a
look at how these new ransomware work.
What’s the next ransomware?
Cybercriminals are now pairing
ransomware encryption with data theft.
Countering
the new
generation of
attacks driven
by COVID-19
Apart from encrypting data and asking
for a ransom, adversaries have started
stealing credentials while encrypting
critical files. The recently spotted
Dharma virus attack on a Dubai-based
company is also a classic example of
this new ransomware attack.
This attack arrives through a phishing
email with a MS Word document and
a password. Once the user clicks and
opens the Word document, two payloads
get injected into the user’s system. One
of the payloads encrypts the files on the
affected system while the other steals all
the stored credentials, including online
credentials. In fact, the encryption is just
a cover-up for the credential theft payload.
How does ransomware 2.0 work?
With the spread of the COVID-19
pandemic, VPNs and remote access
services have become Business
Continuity lifelines. Their roles in
corporate networks have been flipped.
18 Issue 27 | www.intelligentciso.com