How Botnets are Used in Ransomware Attacks

A botnet is a network of devices that have been infected with malware, allowing a threat actor to control them. However, instead of completely taking over the devices, the individual orchestrating the attack, known as the bot herder, will use a portion of the computer’s bandwidth to run an activity in the background without the…


Technical Details for Recent Hive Ransomware Activity

Context: The Hive ransomware variant has been extremely active in the past year. The ransomware was originally discovered in June of 2021, and is reportedly responsible for more than 300 compromises since September 2021. The FBI released a notice warning the public of the threat in August 2021 after Hive ransomware compromised dozens of medical…


How to Write an Incident Response Plan for Ransomware Recovery

“It does not do to leave a live dragon out of your calculations, if you live near one.” – J.R.R. Tolkien In 2022, ransomware is the live dragon for many companies working to develop incident response plans. According to Fortinet’s Global Threat Landscape Report, the first half of 2021 saw a 10.7x increase in the…


Different Types of Ransomware Attacks

Crypto Ransomware: The first ransomware attack, known as the AIDS Trojan, hit the healthcare industry in 1989, but it’s only been in the last decade that strains such as CryptoLocker, Petya, NotPetya, WannaCry, TeslaCrypt, and Locky have pushed ransomware to the forefront of cybersecurity discussions. These strains have variations in the way they deploy, but…


How To Recover from a Ransomware Attack

In a perfect world, all of the defenses you’ve put in place will successfully defend against a ransomware attack. Your employees won’t click on any malicious links, none of your credentials will be brute-forced, your RDP ports are secure, and you’ve implemented a zero-trust framework across your network. It is true that taking measures to…
