Consider following on social media!
Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!
Brian: What!? I told you, them scripts are nonsense.
Kim: Then why do we still have money in our bank account?
Photo by Keira Burton, please support by following @pexel.com
No wait, you don’t have to twist our arm! We can talk about payment options. It should be common knowledge by now that clicking on links sent to you by “someone you may know” could land you in hot water with your computer, household, work, and bank.
But you’re not the only one who has to keep an eye out for phishing emails, big name companies are getting hit and are paying the price for it… well not only paying with money but with time.
We’re going to look at what kind of attack this is, who may have used it, what’s the functionality and effects upon its release, and some ways you can prevent this… well, at least try.
Photo by Tima Miroshnichenko, please support by following @pexel.com
The Attack
For those who are not familiar with ransomware attacks, we’ll quickly explain. With some phishing email attempts, sometimes depending on the threat actor’s goal, a link will be provided for you to click on.
Once you interact with the link and let’s say you downloaded a file, the malicious file can then run in the background and collect all of your data and encrypt it.
Afterward, a prompt will come up saying “We’ve collected your data and encrypted it, if you want it back then pay this amount through Bitcoin.” Usually, there is a timeframe accompanied by the prompt.
While the average person comes across this kind of attack, companies have been experiencing ransomware attacks lately and it doesn’t show any signs of stopping.
Photo by Andrea Piacquadio, please support by following @pexel.com
Who Can It Be Now
Clop, a ransomware gang affiliate of Russia is one among many requesting payments in the highest form and has been named for using this tactic. Clop has been known to request payment in, not only hundreds, thousands, but also in the millions for companies to get their information back and kept from being released.
Clop has recently launched a ransomware campaign against a few companies claiming to have collected their data and threatening to leak it to other threat actors but the biggest among them is the gas and oil company known as Shell.
However, in most if not all cases, paying the ransom only fuels the threat actors to commit more ransomware attacks.
Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?
Marshall: Look ahead of us, not behind us. Those days are over.
Photo by Carsten Vollrath, please support by following @pexel.com
The Sinking Feeling
Like an affair being exposed at a wedding, there are many factors that lead up to this event. A complex approach is becoming a part of the organization, working hard to rise in the ranks and gain a high enough level of privilege to access where sensitive data is being kept and installing malicious malware onto their systems.
The other and least complex is spear-phishing or even whale-phishing. Whale-phishing is aimed for someone like the CEO of the organization while spear-phishing is aimed for certain personnel who may have the level of privilege needed to fall victim to the ransomware attack.
Once a target has been chosen and unfortunate enough to not pay attention to the ongoings of clicking on the provided link, a number of actions are set in motion.
A file or folder holding the malware is downloaded onto the machine. That malware is then released and depending on its program it could either collect the data and encrypt it or copy the collected data, encrypt it, and delete the files leaving behind empty files and directories.
Once information aggregation is complete, whatever is collected is sent back to a command and control (C2C) server for the threat actor to decide what is important and what they would like to do with the information.
So, yeah, this is like having the side chick show up on your wedding day when you’re just trying to get married. The moral of the story is; don’t have a side chick if you care about keeping your information secret.
Photo by Sora Shimazaki, please support by following @pexel.com
The Prevention
Now, don’t panic, there are some ways you can prevent this. Since most of the time this is done by phishing attempts, practicing examining emails, and looking for things like questionable grammar, grammar Nazis this is where you can shine with your superpower and people will love you.
The option for you to hover your mouse over the link and see where it would take you is there although I won’t really suggest this as some people may be heavy-handed and accidentally click on the link.
Copying and pasting the link into Google’s search engine could also help id if the link is legit or not. If you do click on the link and are redirected to a website, leave immediately and pay attention to your downloads as visiting the website may have a drive-by download—this is where a download happens without your interaction, if this happens delete the files immediately and scan the computer. Keeping the antivirus software, OS (Operating System), and employee awareness training up to date will help ensure ransomware attacks are kept at bay.
Security isn’t a hundred percent guaranteed but not having something in place guarantees a hundred percent chance of an infection.
Photo by Travis Saylor, please support by following @pexel.com
Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.
Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.
Do you feel like there is something I may have missed on ransomware attacks? Script a comment below.
