There has been a rise in infections of a Russian-made ransomware known as ‘Ryuk’ or ‘Conti’. It was first reported in Q2 2020, and the steep rise in reported cases coincides with the release of the third iteration of the malware.

Compared to other families of ransomware, Ryuk has very few safeguards. For example, many ransomware families contain extensive lists of file extensions or folder names that should not be encrypted (whitelisted). But Ryuk does not go by the regular rules: it does not encrypt programs or critical system data, just any files.

The ‘Conti’ ransomware spreads like many others, via phishing emails. The emails come in many forms, such as fake invoices with attachments or false Google Drive links claiming to be important documents. Once a system is infected, the ransomware is nearly impossible to stop and requires many resources to remediate; the average cost to recover from a ransomware attack is currently £83,000.

Luckily, these attacks can be avoided if you remain vigilant. Never click on links and never open attachments from emails you aren’t expecting. Confirm the validity of any unexpected email with the sender, and if you are unsure, don’t open them. Put simply, if you cannot confirm that an email you have received is genuine, delete it.

Over 95% of successful attacks rely on human interaction, so awareness is a key component of keeping safe.

  • Be aware of the threat.

  • Be aware of the consequences.

  • Be aware of how to react appropriately.

