Here are five things to know:
1. This ransomware targets individual Microsoft Windows users and larger enterprises.
2. Microsoft’s encryption feature allows users to protect specific folders and files. If any files are encrypted, the user can be easily alerted.
3. Decryption codes are transparent to each user. The key is stored in a file that can be accessed by the user and the other part of the key is based on the user’s account password.
4. When the EFS-based ransomware is used, it often goes undetected. The ransomware doesn’t require administrator rights or human interaction. The ransomware also deletes the decryption key, so the key file is no longer saved on the network.
5. Since discovering the ransomware, Safebreach Labs has notified 17 anti-malware and anti-ransomware vendors for Windows endpoints. Many of the affected vendors have released patches to address the ransomware technique.
To read more, click here.
More articles on cybersecurity:
Health systems should update computer systems in wake of Iran tensions, H-ISAC says
3 cybersecurity predictions for 2020
Former NYC hospital employee pleads guilty to hacking coworkers’ emails
At the Becker's 11th Annual IT + Revenue Cycle Conference: The Future of AI & Digital Health, taking place September 14–17 in Chicago, healthcare executives and digital leaders from across the country will come together to explore how AI, interoperability, cybersecurity, and revenue cycle innovation are transforming care delivery, strengthening financial performance, and driving the next era of digital health. Apply for complimentary registration now.
