Dive Brief:
- A new type of ransomware is encrypting computer hard drives rather than individual files, according to a Threat Post report.
- Called Mamba, the new malware has been found on machines in Brazil, the United States and India. Once Mamba infects a machine, it encrypts the hard drive and victims receive a ransom note.
- The ransomware is likely being spread via phishing emails, according to researchers at Morphus Labs in Brazil.
Dive Insight:
Ransomware continues to be a major challenge for businesses, as employees routinely fall for phishing scams and companies regularly pay ransoms rather than deal with trying to recover their critical data, further encouraging cybercriminals. While regular backups can help protect companies, Mamba can make that more complicated.
"Traditional backup methods rely on the operating system already being in place to centrally manage restoring files from a centralized backup server," said Travis Smith, senior security research engineer at Tripwire. "By taking out the entire operating system, the ransomware is increasing the overall cost of restoring data through backups." Rather than restoring from backups, more businesses will likely pay the ransom as the easiest and sometimes cheapest option.
Earlier this month, the chair of the Federal Trade Commission urged businesses to do more to protect consumers from ransomware.FTC Chair Edith Ramirez put companies on notice that the agency expects them to play a role in protecting their customers from ransomware.