How Ransomware Can Take Down a Company

Ransomware is a type of malware that encrypts a victim's files and demands payment in exchange for the decryption key needed to restore access to the encrypted files. The payment is typically demanded in a cryptocurrency, such as Bitcoin, to make it difficult to trace.

Ransomware can infect a computer in several ways, including through malicious email attachments, infected websites, or through software vulnerabilities. Once the malware infects a system, it begins encrypting files, making them inaccessible to the user. Often, the ransom note will appear on the victim's screen, demanding payment within a specific timeframe, or the decryption key will be permanently destroyed.

Ransomware attacks have become increasingly common in recent years and can cause significant financial and reputational damage to individuals, businesses, and organizations. It's important to have good cybersecurity practices, such as regularly backing up important files and avoiding clicking on suspicious links or email attachments, to protect against ransomware attacks.

Dish Networks Taken Down by Suspected Ransomware

One of the more recent major company outages involved satellite TV provider Dish Networks, who’s customer base reported a 100% outage of all services over a multi-day period.  Beginning on Thursday February 23^rd, customers began reporting in mass that they could not access their television services or pay their bills.  The outage appears to affect Dish’s main websites, apps and customer support systems, as well as the Boost Mobile prepaid mobile platform Dish purchased in 2020.

Bleeping Computer investigations were told by employee’s that they were asked not to sign into the VPN services, or access their accounts as the critical system issues may spread to their computers.  Malware such as Ransomware is easily spread throughout a network, and can utilize local networking protocols, email contacts, and other methods for spreading to and compromising other devices throughout the network.

DishTV announced shortly after the infection that most services had been restored, but only after multiple days of being down.  This is why it is imperative to ensure your network, workstations, and all end-points are secure and protected from malware such as Ransomware.

Avoiding Ransomware Infections

Ransomware can infect a computer in several ways, including:

Phishing emails: Attackers may send emails that appear legitimate but contain malicious links or attachments that, when clicked or opened, install the ransomware on the victim's computer.

Malicious websites: Visiting a website that has been compromised or clicking on a malicious link on a website can result in the download and installation of ransomware.

Exploiting software vulnerabilities: Attackers can exploit vulnerabilities in software or operating systems to gain access to a computer system and install ransomware.

Malvertising: Malicious advertising or online ads can redirect users to websites that download ransomware onto their computer.

Social engineering: Attackers may use social engineering tactics to trick victims into downloading and installing ransomware, such as posing as technical support or customer service representatives.

Ongoing Cyber-Security Training: Providing ongoing cyber security training can go a long way in helping your team better understand and identify potential phishing email scams and other threats.

It's important to take measures to protect against ransomware, such as keeping software and operating systems up-to-date, utilizing EDR (Endpoint Detection & response), being cautious when opening emails or clicking on links, and avoiding downloading software or files from untrusted sources. Ongoing cyber-training for your users can help them better identify and avoid potential ransomware malware and phishing scams as well.  Regularly backing up important data is also recommended, as it can help mitigate the impact of a ransomware attack.

Large corporations like DishTV may be able to survive a major multi-day services outage, but other companies that are targeted by Ransomware may not be able to survive such an outage.

Keeping your critical business services online and protected is of the utmost importance to stay in business and grow.  That’s why Natural Networks is consistently working to stay ahead of malicious actors and ransomware.  If you want to learn more partnering with Natural networks to protect your businesses IT, give us a call today!