Blog Post

Petya/NotPetya: Ransomware Attacks in a New Form, but is it Ransomware?

By Yohai Einav, Principal Security Researcher

Petya

Posted on July 26, 2017 in: Security

Tags: ,

Ransomware has changed a lot since it was introduced back in 1989 by Dr. Joseph Popp, where 20,000 floppy disks were distributed via snail mail. The malware hid files on a victim’s hard drive and encrypted only the file names, rather than the entire files themselves. As one might assume, the entire remediation process was manual, rather than digital. Popp’s program asked victims to print the ransom note and send $189 to a bank in Panama. When he was caught, he was determined unfit to stand trial. All the money he obtained was donated to AIDS research.

Read more

Blog Post

Petya Runs Wild

By Bruce Van Nice, Director, Product Marketing

mountain-line-in-snow

Posted on June 30, 2017 in: Security

Tags:

As has been widely reported, a new ransomware known as ‘petya’ (also being referred to as `notpetya` or `petwrap` in the research community) started circulating on the internet earlier this week. It appears the attacks started in Eastern Europe and caused widespread damage around the globe.

Read more

Blog Post

Taking a Defense in Depth Approach to Ransomware

By Craig Sprosts, vice president, product management

Ransomeware

Posted on May 15, 2017 in: Security

Tags:

By now you’ve most likely heard about the WannaCry (a.k.a. WannaCrypt) ransomware that began wreaking havoc in parts of the world this past Friday (May 12, 2017). Given Nominum’s broad, deep view into DNS data from our service provider customers around the world, we were able to gather insights into how WannaCry made its way onto subscriber networks around the globe (see the WannaCry: views from the DNS frontline in our Data Science blog for more thoughts). Reports show that the latest ransomware attack has infected more than 230,000 computers in over 150 countries.1 For now we are seeing the outbreak slow down, but some expect this is just the first of more similar attacks to come.2

Read more

Blog Post

What CSPs Can Learn from the Latest DDoS Attacks

By Craig Sprosts, Vice President, Product Management & Strategy

Posted on October 24, 2016 in: General, Security

Tags: , ,

On Friday, October 21, 2016, there was a major distributed denial of service (DDoS) attack that took down major U.S. company websites, including Twitter, Paypal, The New York Times, Box, Netflix and more. The attack targeted managed DNS provider Dyn Inc., which hosts the authoritative DNS for these popular domains. The attack originated from a large number of compromised IoT devices, including internet-connected cameras, routers and digital video recorders.

Read more