Healthcare organizations, from hospitals to a county health department, have been hit by ransomware attacks within the past month. As organizations safeguard themselves against these attacks, perpetrators alter their techniques resulting in a type of cybersecurity arms race. Here are three new variants of ransomware to know, according to an IT World Canada report.
1. Ransom_Petya.A. This type of ransomware is sent as a resume that needs to be retrieved through a Dropbox link, according to the report. Once opened, the ransomware will cause Windows to crash as it rewrites the master boot record. Once the victim reboots the computer, a demand for ransom will appear on the screen. This variant was first observed by security software company Trend Micro.
2. PowerWare. PowerWare, first noted by researchers at Carbon Black, uses Microsoft Word and PowerShell scripting language, according to the report. This type of ransomware is sent via a macro-enabled Microsoft Word document. The PowerWare will initially ask for $500 in ransom, but up the demand to $1,000 after two weeks, according to the report.
3. Samas/Samsam/MSIL.B/C. SamSam aims to compromise servers and move laterally throughout a network. This variant will demand ransom to release information from multiple machines. Cisco Systems' Talos security team reported the growing use of this type of ransomware, according to the report.