Expert Insight on Conti Ransomware Shows Signs of Being a Ryuk Successor

The Conti Ransomware is an upcoming threat targeting corporate networks with new features that allow it to perform quicker and more targeted attacks. There are also indications that this ransomware shares the same malware code as Ryuk, who has slowly been fading away, while Conti’s distribution is increasing.

Subscribe
Notify of
guest

1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
James MacQuiggan
James MacQuiggan , Security Awareness Advocate
InfoSec Expert
July 10, 2020 9:56 am

While it\’s interesting to note that the Ryuk ransomware strain is declining and Conti is escalating, organisations are still succumbing to these attacks.

As cybercriminals evolve their code and tools, it\’s troubling that this ransomware strain has improved its ability to encrypt files quicker to use multiple threads running simultaneously.

While the Conti malware design has it operate from inside the network and not from an email click, it\’s worth noting that cybercriminals had to get in one way or another. Organisations want to have a robust security incident and event monitoring system to watch for systems exhibiting the unusual symptoms caused by this malware.

Of course, it\’s essential to engage employees with a robust security awareness training program. The program will allow the employees to make confident security decisions when spotting unusual activity within systems and networks. Also, users will have the knowledge to take the necessary action to thwart these types of ransomware attacks.

Last edited 2 years ago by James MacQuiggan
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x