The spate of ransomware across the world's cyber landscape, and the way it has been impacting the digital world and beyond, has made it a crime dreaded by one and all. Only the ignorant are spared this precarious mental condition. What ransomware can attack, and in what manner, keeps expanding with every passing incident and every week under review. Now there is a desperate attempt to get NAS (Network Attached Storage) devices off the internet. That security cannot be foolproof is something we have always accepted, and now the same story is unfolding in the cyber security world. It has been seen in recent times that ransomware attacks can be tied to anything, including political protests.
The Colonial Pipeline and JBS ransomware attacks, and the booty these hackers made, are known to the whole world. That does not mean that they keep only the big fish on their radar. This week’s biggest news is about a ransomware operation called DeadBolt. It was targeting a new set of devices, encrypting QNAP devices worldwide. It conspicuously demonstrates how threat actors can earn a lot of money while targeting only consumers and small businesses. The attacks started on January 25th, 2022. With the vulnerability known, it spread like wildfire. Since then it has encrypted over 4,300 QNAP NAS devices, demanding 0.03 bitcoins, worth approximately $1,100, for a decryption key.
Given the small demand, and not interested in the hassle of finding other ways to decrypt data or find a workaround, victims did what the hackers wanted: they paid the ransom. Unfortunately, this made the attack very successful. This is a modus operandi the attackers are likely to repeat in the near future. Though this attack hogged the limelight, there were other ransomware attacks as well in the week gone by. There was a Conti attack on Apple and Tesla contractor Delta. Besides this, there was also an attack on Belarusian Railway in protest of Russia using Belarusian Railway’s rail transport network to move military units and equipment into the country.
Ransomware attacks are gaining ground as a tool for political protest, carried out effectively with very little or no chance of getting caught. This is the real digital age. In the days to come it might turn out to be a regular tool of democratic protest. This week had another interesting story, of ransomware gangs calling people whose data had been stolen. There has also been an increase in attempts by these gangs to recruit insiders, which makes the operations relatively easy. The other highlights of the week have been an analysis of LockBit’s ESXi encryptor and also a fantastic report detailing the history of REvil. There is a lot to learn before even thinking of being digitally safe.
RANSOMWARE HAS COME OUT OF THE CLOSET TO REAL LIFE EXISTENCE.