Ryuk Ransomware Disrupts Major U.S. Newspaper Production
The New Year is here, and the ransomware scourge shows no signs of abating.
Over the past weekend, a major newspaper publisher experienced a server outage that interrupted the production and distribution of U.S. newspapers including The New York Times, The Wall Street Journal, Los Angeles Times, and Chicago Tribune.
It’s suspected the source of the server outage and disruption is ransomware. Several sources have indicated corrupted files with the .ryk extension were found. This is the calling card for the Ryuk ransomware strain.
What is ransomware?
Ransomware is a digital menace carried out by cybercriminals. Ransomware seeks to hold a computer’s data for ransom by encrypting it, rendering it unusable.
The cybercriminals will then request a payment, typically in cryptocurrency, for the decryption of the files.
Paying the ransom is a risky proposition, as there are many reports where the cybercriminals don’t uphold their part of the bargain. You’d also be encouraging the cycle of ransomware to continue.
Unfortunately for some businesses, paying the ransom may be necessary, especially for those with no proper data backups and with encrypted data that’s mission critical.
Malicious emails continue to be a major security concern
Malicious emails, or malicious spam (malspam), are one of the main sources of ransomware infection. These emails can contain links to malicious sites or carry attachments (such as Microsoft Word documents) that infect the computer when opened.
Though scams in the past may have been relatively easy to spot, modern attacks can be hard to detect. Cybercriminals are using social engineering to tailor the attacks to their victims. Emails can contain industry-specific lingo that jibes with a target’s line of business, or may appear to come from a service or individual they currently interact with. The emails can include branding and grap