This New Ransomware Can Infect A Network In Just Minutes

November 3, 2020

Written by wukovits

this new ransomware can infect a network in just minutesNot all ransomware strains are created equally. Some are designed as slow burns that will infect a target system, expanding its reach for days, or even weeks before striking and locking your business critical files. Others are designed to hit fast and hard.

Lockbit definitely falls into this latter category, based on a detailed analysis of the code conducted by researchers at Sophos.

Their conclusion is that from the time a target network is breached, Lockbit will start encrypting files in as little as five minutes, which is so fast that it doesn’t really give your IT staff an opportunity to respond to the attack. By the time they become aware of it and begin deploying resources to minimize the damage, it’s usually over.

The research team discovered that once Lockbit makes its way onto a target system, it will do a quick, keyword based scan of network drives to locate the information most valuable to the team that inserted it.

This particular malware strain is offered as “Ransomware as a Service” so the keywords Lockbit uses for this search will be different, depending on who paid for the service, who they’re attacking, and what they’re most interested in acquiring. This is because of course, the hackers will copy the information they want before they start encrypting files.

In any case, this process doesn’t take long, and once that’s done, the malware executes in memory via a Windows Management Instruction (WMI) command. The research team observed that in every case they studied, the attack began in earnest, with files being locked, within five minutes of issuing the WMI command. That’s as fast and brutal as it gets.

There’s still a lot the team doesn’t know about Lockbit, but they’re continuing to study both the code and the aftermath of the attacks made on corporate networks around the world. They will continue updating the rest of us with their findings. None of the news is good, but it’s always better to know than not.

Used with permission from Article Aggregator

Bayou Tech

We provide solutions for your business. Find out how we can help.

Related Articles

Key Considerations for Effective Cybersecurity Implementation

Consider this: In the realm of cybersecurity, things often get tangled in the web of "you should do it anyway" arguments. Yet, for busy business owners bombarded with daily "must-dos," deciphering the essentials from the fluff can feel like a cyber maze. We aim to...

Unlocking Small Business Success: The Impact of AI in a Digital Era

In the rapidly evolving business landscape, staying competitive necessitates embracing technological advancements. Artificial Intelligence (AI), once perceived as a luxury for larger enterprises, is now accessible to small businesses, offering new opportunities for...