What is Maze Ransomware and why is it the biggest data threat to organizations?

What is a ransomware  ?

Imagine opening your laptop the next time you go for work or some class only to see it all locked up with shiny images of bitcoins pointing to a message demanding ransom. This is how a ransomware works, a kind of cyber blackmailing.

Malwares, or malicious software, have haunted computer users from the beginning of the internet revolution, but a ransomware has jeopardized data security to a level not thought of before. And with the new found anonymity that bitcoin offers, ransoms are now easier to demand without leaving a trace.

If the ransom is paid, it contributes to the further evolution of the ransomware using the extorted money, making it harder for the security agencies to prevent future data breach. And in case the ransom is not paid, the victim is threatened with the publishing of the private data on the DarkWeb.

Why are we reading about it now?

The latest case of a ransomware attack, probably the biggest and most high profile in current history is the one by Maze Ransomware (previously known as ChaCha ransomware) on the leading IT-services provider Cognizant. Being one of the Fortune 500 companies, the situation has adversely affected its high value customers in banking and health sector, and also manufacturing.

Even if such a huge company is insured with a backup data or it is recovered in a certain scenario, the threat perception still remains. Maze Ransomware operators make sure to transfer the data on their server before locking the system. This allows them to always have a copy of the victim’s data even after getting the ransom.

Maze ransomware was first discovered on May 29, 2019 by a malware intelligence analyst Jerome Segura and since then it has wreaked havoc amongst corporations and organizations. Factors like the cost of loss of trade secrets, damage to the brand image, possible lawsuits and imposition of fines have dictated companies’ choice to pay the ransom.

When a system is infected with this ransomware this is how it looks

Maze-ransomware-screenshot-1024x768

Should we ignore this ransomware ?

For those who take it as idle threats, examples of data of several companies being released on internet present a cautionary tale. Particularly in a time of pandemic, when the world is going through a gigantic shift to the online economy, ransomware pose a massive disruption to some of the vital services.

Interpol has already warned health organizations across the world to expect such a situation. This calls in for prompt cooperation among nations and international organization for building an elaborate normative framework on data security and also strengthening the technical infrastructure on the same.

4 measures that can we can use protect our devices:

1. Always have an offline back up.

2. Ensure multi-factor authentication.

3. Use an email security software.

4. Create awareness about good computing habits in your surroundings. For example-

a. Using strong passwords

b. Identify malicious emails and block them

Unfortunately, online breach of security is becoming commonplace and simply relying on government authorities and cyber police won’t solve the problem. Computer users must stay alert in the cyberspace and maintain online hygiene.

This article series is a part of ForumIAS's Qrious Project. You can find other article in the series HERE→

Leave comments down below to tell us how you found our effort 🙂 

To get all important updates subscribe us now

Print Friendly, PDF & Email

Free IAS Preparation by Email

Enter your email address to subscribe to the blog followed by several Rankholders and ensure success in IAS.