Ryuk Ransomware Decryptor Bug Could Lead To Loss Of Data

By   ISBuzz Team
Writer , Information Security Buzz | Dec 11, 2019 02:47 am PST

In response to reports that recent changes to the Ryuk ransomware encryption process resulted in a decryptor bug that could lead to data loss, an expert offers perspective below.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
James McQuiggan
James McQuiggan , Security Awareness Advocate
December 11, 2019 10:51 am

The criminals behind Ryuk are evolving their attack vectors to reduce the time to encrypt data and in doing so, have caused an issue of destroying the data at the same time. Criminals want money and whether or not your data is maintained is not their concern; just getting the payday.

Is there honor among thieves? If the public is aware that the encryption process destroys their files, they will not pay and the criminals won\’t receive any money. Could this be a bug in their software? Even the criminals write buggy code

Organizations want to backup their data and conduct regular testing of the backups to verify it can all be restored and maintain an offsite version of the data in the event of an onsite failure.

Incident response programs need to include ransomware attacks, who needs to be contacted and the steps to be taken when the organization is unable to produce or function effectively.

Finally, being able to monitor your networks and endpoints for large changes to data will allow an organization to respond quickly to a ransomware attack.

Last edited 3 years ago by James McQuiggan

Recent Posts

Would love your thoughts, please comment.x