Technology

#Ransomware Group’s Decryptors Are So Slow It’s Almost Not Worth It – Review Geek

“#Ransomware Group’s Decryptors Are So Slow It’s Almost Not Worth It – Review Geek”

digital key for hacks
iStock

Ransomware attacks are nothing new, but two recent hits have received a lot of attention, and in both cases, the decryptor was too slow to do any good. Essentially, victims often resort to backups or find a different solution, even after paying a ransom for the decryptor key.

A new report from BleepingComputer goes into detail about the entire situation. Explaining that the highly publicized Colonial Pipeline hack resulted in a $4.4 million ransom payment for a decryptor. Unfortunately, the Darkside decryptor was so slow the company restored everything from backups instead of using the key, even though it paid up.

In another situation, HSE, the healthcare system of Ireland, was hit by a Conti attack yet refused to pay a ransom. The Conti ransomware group eventually released the decryptor key for free, likely after realizing they hit a government agency. Similar to the Colonial situation, this key was too slow. In the end, HSE worked with a New Zealand cybersecurity firm named Emsisoft, whose decryptor is twice as fast.

Now, we’re not saying these companies should or shouldn’t pay. That’s a tough thing to discuss when it’s a hospital or, ya know, a pipeline as large as Colonial’s that the entire country relies on. That said, it looks like even when they do pay, the hackers’ own recovery tool is barely worth it.

During BleepingComputer’s testing, using a custom decryptor tool like one from Emsisoft helped restore a hacked system up to 41% faster than the tool provided by any specific ransomware group. That might not sound like a lot, but when you’re decrypting thousands of devices and terabytes of data, this could make the process days, or even weeks, faster.

When it comes to restoring something like the Colonial Pipeline or a healthcare system, time is money, or more importantly, time can save lives.

Emsisoft charges for their restoration services, too, but at least that’s not enabling or incentivizing ransomware groups to keep doing this.

via BleepingComputer

If you liked the article, do not forget to share it with your friends. Follow us on Google News too, click on the star and choose us from your favorites.

For forums sites go to Forum.BuradaBiliyorum.Com

If you want to read more like this article, you can visit our Technology category.

Source

Related Articles

#What Are Docker Labels and When Should You Use Them? – CloudSavvy IT

#Are Smart Speakers Safe for Kids?

#How to Disable Recommendations on Google TV

#How political beef threatens to destabilize and fragment the internet

Leave a Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button
Close

Please allow ads on our site

Please consider supporting us by disabling your ad blocker!