Ransomware is scary — no one relishes the idea of losing their data, which might include important work projects or valuable personal files.
However, fear isn’t the only emotion associated with ransomware; you are also likely to feel supremely irked by the inconvenience of dealing with a ransomware infection.
Ransomware takes time and effort to eradicate, more-so than other types of malware, and that time and effort can cost you money in various ways, even if you don’t pay the ransom.
Unfortunately, the feeling of annoyance and the dismay at losing resources like time and energy are becoming the focus of many ransomware authors and operators.
As more people see through ransomware’s previous tactics, especially pretending to be a legitimate organization like the FBI or Microsoft, attackers need to find new methods of convincing victims to pay up, and disruption seems to be the leading solution.
Disruptionware, as the latest evolutions of ransomware have come to be called, are dangerous to businesses and consumers both.
Here are a few things everyone should know about this newest ransomware threat.
What Disruptionware Is?
According to a thorough report published by the Institute for Critical Infrastructure Technology (ICIT), disruptionware is an up-and-coming type of malware “designed to suspend operations” by compromising “the availability, integrity and confidentiality of the systems, networks and data” belonging to the target.
Essentially, disruptionware is malware designed to prevent the normal functioning of a device, perhaps by slowing down or halting processes or perhaps by intercepting and removing critical data.
Disruptionware takes advantage of many components of traditional cyberattacks, such as encrypting data like ransomware does, eradicating data like wiper malware and even turning devices into bricks like some of the worst malware on the web.
Different disruptionware variants follow different infection patterns, but most rely on the same old infection vectors that almost all malware uses: email attachments, corrupt webpage links, shady third-party downloads, unfamiliar USB drives, etc.
Once the malware is on a device or network, it proceeds to give operators remote access.
Some disruptionware have automated components to swiftly and viciously cut off access to certain systems and data, but most are dependent on remote control by attackers, who can analyze the system and make the most impact.
Whom Disruptionware Targets?
As yet, disruptionware has mainly been deployed against major private- and public-sector institutions.
The FBI suggests that hospitals and health care organizations are swiftly becoming primary targets because access to data and efficient operations are critical to these groups; thus, they are more likely to make payments to attackers to retrieve their systems fast.
Still, there are scenarios laid out by the ICIT where disruptionware is a useful tool for capsizing a private corporation.
In the near future, disruptionware could be deployed against government agencies, likely weaponized as a subtle or severe tactic in cyberwarfare.
Still, as is true of any malware, eventually Disruptionware will be used against the average home user.
Personal devices don’t contain as much valuable data as the networks of corporations or government institutions, but that doesn’t mean consumers lack any resources for attackers to capitalize on.
Just as hordes of cybercriminals develop ransomware that targets home networks and devices, so soon will the same cybercriminal groups develop disruptionware.
It is critical that all devices users download and maintain security tools like antivirus software, and it will be useful to have a ransomware removal tool on hand should disruptionware slip onto a system.
In all cases of disruptionware gaining access to a device or network, the toll is steep.
The average demand from ransomware attackers hovers around $40,000-worth of cryptocurrency, but in truth, the damages are far worse.
In either ransomware or disruptionware attacks, attackers rarely bother to return infected systems back to their original state, even if they receive the payment they demanded.
Thus, victims must pay the steep price to have their operations restored, or as can be the case in smaller targets, like home users, victims may simply need to replace their infected devices altogether.
Corporations could stand to lose over $5,600 per minute of the attack just to the costs of downtime; adding to that is the average ransomware recovery cost of over $84,000.
Disruptionware is a natural evolution in malware — and it is one of the most dangerous to date.
The sooner everyone understands the emerging threat of disruptionware and takes steps to keep their devices and systems safe, the less impact this new malware will have, and perhaps the sooner it will disappear.