Recently, a well known internet technology company Accenture was hit with ransomware attack. According to ThreatPost, the ransomware-as-a-service group LockBit 2.0 targeted the company with its ransomware on August 11, 2021, threatening to release and sell the data unless a ransom was paid.
What is Ransomware?
Ransomware is a type of malware that encrypts the files of its victims. The attacker then demands a ransom from the victim in exchange for restoring access to the data.
Users are given information on how to obtain the decryption key by paying a charge. The fees can range from a few hundred dollars to thousands of dollars, and they are paid in Bitcoin to hackers.
There are several ways for ransomware to get access to a computer. Phishing spam, where attachments were sent to the victim in an email that appear to be a file they should trust, is one of the most popular delivery tactics. They can take over the victim’s computer once they’ve been downloaded and opened, especially if they contain built-in social engineering techniques that deceive victims into granting administrative access. Other, more aggressive ransomware, such as NotPetya, takes advantage of security flaws to infect machines without the need to deceive people.
Should You Pay for the Ransom?
Most law enforcement agencies advise against paying ransomware attackers on the speculative grounds that doing so encourages hackers to generate more malware. Since the people you’re dealing with are, of course, criminals, there are a few tough things to keep in mind here. First, what appears to be ransomware may not have truly encrypted your data; check to see if you’re dealing with “scareware” before sending any money to anyone. Second, paying the attackers does not guarantee that your files will be returned to you. Sometimes the thieves simply take the money and run, and the software may not even include decryption functionality. But any such malware will quickly get a reputation and won’t generate revenue, so in most cases the criminals come through and your data is restored.
References:
https://www.csoonline.com/article/3236183/what-is-ransomware-how-it-works-and-how-to-remove-it.html