Key Ransomware Attack Strikes Healthcare and Other Industries

According to Barracuda Networks, a data security and disaster recovery merchant, a major ransomware attack is now in progress against several industries including healthcare. However, it is still not known the extent of the attack in the healthcare sector.

According to Eugene Weiss, "the advanced security team of Barracuda has observed around 20 million attempts of a ransomware attack via an email attachment like 'Payment_201708-6165.7z,' during last 24 hours." The payment number differs in each attack.

Locky infected more than 23 Mn messages which were sent in a 24-hour period on Monday. Online security firm AppRiver identified the attack which is known as "one of the largest malware campaigns seen in the latter half of 2017."

The emails consists many subject lines like 'Please Print', 'Scans' and 'Documents'. All contain ZIP files with hidden Locky inside. If recipients click on them, the ransomware gets downloaded into their computers, encrypting and freezing all files. After that, they are asked to pay ransom amount to restore the locked files with a special kind of software.

When the ransomware attack reaches at a preset verge, it will present a document demanding payment to decrypt files. At this stage, the victim might pay the ransom amount, recover from backup or search to decrypt key online from a resource such as NoMoreRansom. Healthdatamanagement.com posted on September 1st, 2017, stating that Barracuda advises not to make payment to ransomware criminals "because this does not guarantee the decryption of your files and it encourages them to attack you again in the future".

Locky has the capacity to pull in huge money for hackers, even by victimizing only few people through emails. Sadly, cybersecurity experts have not developed a way to unlock strongly affected files without having to pay ransom amount.

Locky is one of the most famous kind of ransomware and was one of the most common types of malware used by criminals last year. This ransomware is very aggressive and encrypts a wide range of files. It can also encrypt files both on the infected computer and on other computers of the same network. The original Locky is normally distributed through phishing emails with an enclosed Word document just like this new version.

» SPAMfighter News - 9/12/2017