{"type":"rich","version":"1.0","provider_name":"Transistor","provider_url":"https://transistor.fm","author_name":"Curiosity Chronicle","title":"Ransomware-as-a-Service","html":"<iframe width=\"100%\" height=\"180\" frameborder=\"no\" scrolling=\"no\" seamless src=\"https://share.transistor.fm/e/e698d759\"></iframe>","width":"100%","height":180,"duration":320,"description":"The story of the last few weeks in business has been the ransomware attack that took down the Colonial Pipeline.On ransomware-as-a-service, DarkSide, and what happens when publicity becomes really bad for business:First, a few definitions...What is ransomware? Ransomware is a type of malware - a software designed to cause harm to a computer, server, or network. Ransomware is used to encrypt the files on your system and hold it “hostage” until the demanded ransom is paid.Ransomware is not new, but ransomware attacks are most definitely on the rise. With the world increasingly moving online, the cyber-attackers have experienced a windfall.Both the frequency of attacks and the size of the average ransom payments have increased dramatically.The way a ransomware attack works is really quite simple (even if the underlying technology is complicated).A would-be attacker scans for vulnerable companies. They often look for dated systems or weak infrastructure - like an animal looking for injured prey.When a target is acquired, the cyber-attacker looks for an entry point. This could be using a phishing scam or other method to gain access to the network or company data and servers.Once inside, the cyber-attacker launches a program that encrypts all of the company’s data.Once encrypted, the data and systems become completely unusable without a decryption key. The company is immobilized.While this sounds complex, given the range of cybersecurity sophistication at companies, hackers say breaching some companies is “so easy a kid could do it.”After the encryption is complete, the ransom negotiation begins.The cyber-attackers reach out to the company, offering to provide a decryption key that will return access to the hostage data. In exchange, the company has to pay a ransom (usually in the form of Bitcoin).If ransom isn’t paid, the data may continue to be held (leaving the company immobilized) or sensitive data (credit cards, health records, etc.) may be leaked.Generally...","thumbnail_url":"https://img.transistorcdn.com/4nO1oo__jWE5MpZsRfwEO_6q4py16kwv8WwJybce4FA/rs:fill:0:0:1/w:400/h:400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS9zaG93/LzMxOTcwLzE2NzEx/MzU5MDctYXJ0d29y/ay5qcGc.webp","thumbnail_width":300,"thumbnail_height":300}