A Dark Power is Rising: Behind the Emerging Ransomware Threat

A new, sinister ransomware is sweeping the web. Dark Power, a nascent worldwide ransomware threat group, has already stolen the personally identifiable information of 10 people in its first month of operations, and has threatened to publish that private information if its ransom demands are not met.

The ransom demands so far have hovered around $10K.

Origins of Dark Power

This up-and-coming malware is often associated with organized crime, but it can also be used by individuals or groups for political or financial gain. As the use of Dark Power continues to increase, organizations need to take steps to protect themselves from the potential damage caused by ransomware attacks and the other malicious activities that accompany them.

Once the ransomware has been installed on a computer, the user will be locked out of their system and will be asked to pay up to hundreds of thousands of dollars for their data to be restored. In comparison, Dark Power seems downright kind for only asking for $10K!

Just kidding. Even a $1 ransom is too much to pay for your own data.

What’s more, Dark Power was written in Nim, a programming language that is becoming increasingly popular among thieves due to its speed and efficiency in dispersing ransomware. As such, Dark Power has become a major threat to businesses and individuals alike, as it can cause significant financial losses if not dealt with quickly.

What to Do If Your Data is Ransomed

Would you be tempted to pay the ransom? You should know that that doesn’t guarantee your data gets returned—in fact, only 8% ever see their data again.

Even if the cybercriminal does decrypt your files as promised, they might charge you a second fee to stop them from releasing that information to the public. This is known as double extortion. 

Instead of losing money, follow these steps:

  1. Disconnect the machine. The infection can spread through the local network to other systems.
  2. DO NOT pay the ransom. Report the infection to I.T., the authorities, and other stakeholders with a vested interest, such as your insurance company, and start proper incident response protocols.
  3. Ensure backup & recovery systems are ready, so the business can continue as usual. Backup and disaster recovery systems should be checked regularly to confirm they are working as intended, so you can recover within your Recovery Time Objective (RTO) and Recovery Point Objective (RPO).
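One way to run the regular check from step 3, as an added example that is not part of the original article: it audits a backup catalog against each system's RPO and RTO. The catalog layout, system names, timestamps and the 90-day restore-test policy are all constructed assumptions.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample catalog (hypothetical systems, not real backup-tool output).
# Each backup is (UTC timestamp, status); restore_test is (date, measured hours).
NOW = datetime(2023, 4, 3, 12, 0, tzinfo=timezone.utc)
CATALOG = [
    {"system": "file-server", "rpo_h": 24, "rto_h": 8,
     "backups": [("2023-04-03T01:00", "ok"), ("2023-04-02T01:00", "ok")],
     "restore_test": ("2023-03-20", 5.5)},
    {"system": "erp-db", "rpo_h": 4, "rto_h": 2,
     "backups": [("2023-04-03T10:00", "failed"), ("2023-04-03T02:00", "ok")],
     "restore_test": ("2023-03-28", 3.0)},
    {"system": "mail", "rpo_h": 12, "rto_h": 6,
     "backups": [("2023-04-03T06:00", "ok")],
     "restore_test": None},
]
MAX_TEST_AGE = timedelta(days=90)  # assumed policy: re-test restores quarterly

def _utc(text):
    return datetime.fromisoformat(text).replace(tzinfo=timezone.utc)

def check(entry, now=NOW):
    """Return findings for one system; an empty list means both objectives are met."""
    findings = []
    # RPO: only successful backups count; a failed job protects nothing.
    good = [_utc(ts) for ts, status in entry["backups"] if status == "ok"]
    if not good:
        findings.append("RPO missed: no successful backup on record")
    else:
        age_h = (now - max(good)).total_seconds() / 3600
        if age_h > entry["rpo_h"]:
            findings.append(f"RPO missed: last good backup is {age_h:.1f}h old")
    # RTO: only a measured restore proves it; an untested backup is unproven.
    if entry["restore_test"] is None:
        findings.append("RTO unproven: no restore test on record")
    else:
        tested, hours = entry["restore_test"]
        if hours > entry["rto_h"]:
            findings.append(f"RTO missed: restore took {hours}h")
        if now - _utc(tested) > MAX_TEST_AGE:
            findings.append("RTO unproven: restore test is stale")
    return findings

def audit(catalog=CATALOG, now=NOW):
    return {e["system"]: check(e, now) for e in catalog}

if __name__ == "__main__":
    for system, findings in audit().items():
        print(system, "->", "; ".join(findings) or "OK")
```
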

You should always report the breach to those whose information may have been discovered!

Conclusion

Ransomware has been at the top of our threat radar for several years now. The steady emergence of new, powerful threats remains proof that this kind of cyber-attack is not waning in popularity. Instead, vigilance and understanding how these threats come in and what they look like can protect you from making rash decisions in a disaster. Familiarize yourself with your company’s recovery action plan!

Remember, taking proactive measures to secure your online presence can save you from significant problems in the future. Don’t wait until it’s too late. Contact T3 today to protect your online presence.