Direct Technology Group Blog

Direct Technology Group provides professional IT Support and Network Services for Businesses around Deerfield Beach. Computer Services, Tech Support, IT Solutions and more!

This Ransomware Group’s Antics Remind Us How Dangerous Ransomware Can Be

Just like any other business that takes some time to get to know a new client, a new type of ransomware can take up to two weeks to map a network before it goes in for the kill. The group behind it, called Zeppelin, has the potential to be a major threat actor in the ransomware space.

What is Zeppelin?

Zeppelin is a ransomware group that has historically demanded large sums of money from large businesses in the United States and Europe. The US Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation have doubled down on their warning about the ransomware group.

This threat has been around since 2019, and as you might expect, it has targeted several different types of companies and organizations, including those in the healthcare, manufacturing, defense, education, and technology sectors. Zeppelin grew in popularity by offering ransomware-as-a-service attacks using its VegaLocker ransomware, with a predisposition for striking healthcare and medical companies. In some cases, ransoms can reach up to millions of dollars.

What Kinds of Tactics Does It Use?

Zeppelin can demand such massive sums because of the tactics it uses. The group takes great care to learn the victim’s network before launching an attack, looking into things such as cloud infrastructure and data backup solutions. Once the attack is initiated, it strikes with multiple different instances that all require different decryption keys.

In other words, they make it so hard to recover that the companies have no choice but to shell out the big bucks.

The joint advisory reads: “The FBI has observed instances where Zeppelin actors executed their malware multiple times within a victim's network, resulting in the creation of different IDs or file extensions, for each instance of an attack; this results in the victim needing several unique decryption keys.”

What Can Be Done?

We always recommend that you don’t pay the ransom, even if it seems dire enough to consider. When you pay the ransom, you are funding further attacks and reinforcing the idea that these types of attacks work. Plus, there is no real guarantee that you’ll get your data back. There are often instances where hackers will give up the decryption key, but the key either won’t work or the data is corrupted or lost anyway, leaving businesses out of luck and out of money. Plus, you have compliance issues to worry about, too.

Rather than letting ransomware threats intimidate you into paying the ransom, we urge you to contact your trusted IT resource, like the professionals at Direct Technology Group, to see what can be done. Most of the time, it’s easier to just prevent ransomware attacks in the first place through proactive security and training, and we can do both for your organization.

To learn more, contact us at (954) 739-4700.
