Oct 10, 2018 10:00:00 AM

Fear and Prosecution in Ransomware Operations

When a new ransomware variant reveals itself, there's an intense effort put towards reverse engineering the malicious software ("malware"). As I've discussed previously, reverse engineering is the process of analyzing software to determine its capabilities, how it works, and the design decisions that went into its creation. This process allows for quick identification of "indicators of compromise", unique changes made to the infected system by the malicious software. These indicators can be used to detect the presence of ransomware on systems, ideally before it has a negative impact on your network.

Topics: ransomware, Attack Surface, Reverse Engineering

May 16, 2017 2:10:05 PM

Ransomware Worms Force Your Hand: Patch or Layer Security

Friday, May 12th, the “WannaCry” network worm joined the ranks of Conficker and Code Red. It’s infected tens of thousands of systems worldwide, and climbing. Among those victimized were England’s National Health Service, automobile manufacturers, and government systems. The worm’s ominous red ransom screen, informing the user that all files have been encrypted, was found not only on users’ desktops, but also on ATM screens, parking meters, digital billboards, and industrial control systems interfaces.

Topics: ransomware, Attack Surface, WannaCry

Jan 10, 2017 9:07:34 AM

A Dangerous Shift in Ransomware Targeting

There’s good news for commentators that really “phoned it in” on their 2017 predictions: ransomware is becoming even more of problem. While you’ll be hard pressed to find analysts who thought otherwise, the reason that malware has become more dangerous may be less obvious to those not in the trenches. It’s time to put the forecasts for 2017 aside and start looking at the reality of what’s being perpetrated against the victims of cybercrime this year.

Topics: cybersecurity, ransomware