The wiper is typically used for extortion and many ransomware attacks include a wiper component. Recently, cybersecurity researchers have discovered a new malware strain called Ordinypt that includes both wiper and ransomware capabilities. This malware overwrites the data and renders it permanently irrecoverable. This destructive nature of malware clearly signifies that there’s no incentive for victims to pay the ransomware’s actors. This was used to infect German-speaking users, thereby leaving them with no options to retrieve their files.
But Ordinypt is not the only one that has caused havoc by masquerading as ransomware. In August 2019, another ransomware named GermanWiper caused headaches for German companies by permanently destroying user data, while demanding ransom payments.
According to the latest report from IBM X-Force, it has been highlighted that there has been a 200% increase in destructive malware cases during the 2nd half of 2018 and the 1st half of 2019. But what is the point behind disguising a wiper as ransomware? Let’s have a look.
While most of the ransomware attacks include a wiper component, the wiper is mainly used for extortion. The hazard of permanent data destruction acts as a strong incentive for Businesses to cough up the ransom. By the time ransom is paid to the attackers, Businesses realize the truth of wiper-cum-ransomware and are left with little or no chance to recover their lost data.
Sometimes the purpose of hiding Wiper as ransomware is to achieve large-scale economic disruption. For instance, in 2017, after a series of high-profile ransomware attacks, NotPetya was released to the world.
This cyberattack seemed like conventional ransomware that was designed to generate as much money as possible. However, cybersecurity experts quickly realized that the ransomware was a destructive malware. NotPetya generated about $10,000 in ransom payments but caused havoc of more than $1 billion in the economic disruption.
Neumetric, cybersecurity services, consulting & product Organizations, can help you reduce your security cost without compromising your security posture. Our years of in-depth experience in handling security for Organizations of all sizes & in multiple industries make it easier for us to quickly execute cost-cutting activities that do not bring value to you, while you continue focusing on the business objectives of the Organization.
We suggest Businesses adopt a comprehensive disaster recovery strategy to mitigate the effects of malware in the future because wipers-disguised-as-ransomware attacks pose a serious threat. Organizations should implement a robust antivirus solution and frequent staff training about the importance of basic cyber hygiene.