ZinnoX Cybersecurity

Ransomware - Cuba/COLDDRAW

According to Cloudware, 37% of all business organizations were hit by ransomware in 2021, a figure that increased in 2022. For small businesses, ransomware can sound scary, because when an organization faces a ransom attack, it cannot afford to pay a ransom for its data. That is why it’s essential to stay informed about what ransomware is and how it works.

So let’s first understand what it means.

What Is Ransomware? 

Malware can either encrypt all your data or lock you out of your computer. This type of malware is called ransomware. Once your system is targeted by ransomware, it will ask you to pay a ransom, usually in cryptocurrency, in exchange for your data or to unlock your computer.

COLDDRAW Ransomware:

Cuba ransomware, also known as cold ransomware, has received more than $60 million in ransom payments and compromised over 100 entities worldwide as of August 2022.

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) shared an advisory in which the agencies emphasized a “strong growth in both the number of compromised entities and the ransom amount.”

The Tropical Scorpius crew has been targeting the financial services, government facilities, and healthcare manufacturing sectors, and has expanded its practices to gain initial access and interact with broader networks.

What Is The Entry Point For These Attacks?

Attacks involve exploiting known security flaws, phishing, compromised credentials, and legitimate Remote Desktop Protocol (RDP) tools, followed by distribution via Hancitor. Hancitor, also known as Tordal and Chanitor, was created in 2014 to drop other malware on infected machines. Hancitor is a service, which makes it an accessible tool for attackers.

If a ransom payment is not made on time, cybercriminals can exfiltrate the victim’s data and threaten to release it to the public. The actors use extortion techniques to deploy ransomware.

You can reduce the chances of your computer or data getting infected by using security software and anti-ransomware tools.

How Can You Mitigate Ransomware?

Avoid opening unsafe links: Clicking on links in spam messages or on unknown websites can trigger an automatic download of malware, which could infect your device.

Avoid using unknown USB sticks: Only connect USB sticks or other storage media to your computer if you know where they come from, because the storage medium may have been infected by cybercriminals and left in a public place to trap whoever picks it up.

Avoid malicious email attachments: Ransomware can also make its way to your device through email attachments, so avoiding email attachments can help you mitigate a ransomware attack.

Update your programs and operating system regularly: Update your operating system and programs regularly to stay protected from malware. When you update, make sure you benefit from the latest security patches.

Only by taking all the necessary measures can we mitigate ransomware; otherwise, it is easy for organizations to be targeted by it.

Posted on: December 10th 2022