Ransomware has “mutated” into something “even more damaging” and an “even bigger threat”, according to cybersecurity training platform KnowBe4. The company claims that this new and evolved ransomware, which it dubs “Ransomware 2.0” works in such a way that even backup copies of most important files won’t be able to save an infected organisation.
The “new normal”, KnowBe4 says, is that hackers no longer just encrypt data and ask for ransom, they also threaten to release the data onto the internet and demand money in order not to do so.
“With ransomware, cybercriminals are seeking to inflict the most amount of pain and risk immediately,” said Roger Grimes, data-driven defence evangelist, KnowBe4.
“They want to get paid and will do almost anything it takes to make that happen. A new pattern emerged late last year, where a single ransomware gang started to deploy new tactics to steal, encrypt and threaten employees and customers. It proved so successful that other ransomware gangs have now started using these same tactics, precipitating us into a new era of ‘Ransomware 2.0’.”
Ransomware usually begins with phishing. An unsuspecting employee would download and run an email attachment which ends up being malware. It encrypts all the data on the infected machine and the local network and then demands ransom in cryptocurrency, most often Bitcoin or Monero.
Emisoft claims that the potential cost of ransomware in the States last year was $7.5bn.