Last week we wrote about “ransomware from afar” – attacks in which cybercrooks apparently aim ransomware at you across the internet.
Whether they hack someone else’s computer on which to run the malware program, or deliberately set up a sacrificial laptop or virtual machine (software-based computer) of their own, the outcome is the same.
The point is that many ransomware samples, with no modification or reprogramming needed, automatically scramble any and all connected drives they can see when the malware kicks off.
That pretty much guarantees that your C: drive will get zapped, because almost every Windows user has one of those, but if you also have an S: drive, for example, mapped across the network to access the company’s shared server folders…
…then you can kiss all that data goodbye, too.
The servers get affected even though it’s you who’s infected.
In other words, if the crooks can find any devices on your network that have inadvertently been shared out on the internet, and if they can guess your password, then they can map your files as a shared drive on their sacrificial computer.
Then they can take you down with ransomware, without any malware infection ever showing up on your devices.
Those shared folders could be on your laptop or on your NAS (network attached storage) device, but the outcome is the same: an extortion demand offering to let you “buy” the decryption key to get your precious files back.
Learn how this sort of attack can happen, and how to stop it:
(Watch directly on YouTube if the video won’t play here.)
By the way, if you like the shirt in the video (who doesn’t?), head to https://shop.sophos.com/ to buy one of your own.