The chief technology officer provides an insight on new version of Ryuk ransomware after Agence Nationale de la Sécurité des Systèmes d’Information (ANSSI) warned that a variant of Ryuk with dangerous new capabilities has been spotted in the wild. The ANSSI wrote:
“First observed in August 2018, the Ryuk ransomware has since been used in Big Game Hunting operations. It is characterized by the use of different infection chains and the extreme speed of the Bazar-Ryuk chain, as well as the absence of a dedicated leak site. A Ryuk variant with worm-like capabilities, allowing it to spread automatically over the local network, was recently discovered during incident response.”
“A Ryuk variant with worm-like capabilities, allowing it to spread automatically over the local network, was recently discovered during incident response.”
<p>Ransomware attacks often start with phishing emails designed to trick victims into giving up their credentials. Once ransomware like Ryuk gets inside a network, it spreads and becomes more dangerous. This is why it’s imperative to train staff how to recognise a phishing email so ransomware cannot establish a beachhead. </p> <p><br /><br />The threat from phishing is only amplified during this remote working era. Home workers should be extremely careful to avoid clicking on links on their work devices, because this could lead to the compromise of their employer’s systems. <br /><br /></p> <p>The best advice is to stay on guard and apply a healthy dose of scepticism before opening or clicking on any links, even those that appear to be from a trusted source. To paraphrase a famous World War II slogan: careless clicks sink ships. </p> <p><br /><br />Employees should be extremely careful, because they don’t want to be the one who ends up allowing ransomware into the network. </p> <p> </p> <p><br />It’s also important for organisations and businesses to maintain a tightly integrated security system which automatically blocks threats across multiple channels.<i><br /></i></p>