{"id":14681,"date":"2020-06-18T20:10:33","date_gmt":"2020-06-18T14:40:33","guid":{"rendered":"https:\/\/cigniti.com\/blog\/?p=14681"},"modified":"2022-10-31T14:10:39","modified_gmt":"2022-10-31T08:40:39","slug":"maze-ransomware-prevention-security-testing","status":"publish","type":"post","link":"https:\/\/www.cigniti.com\/blog\/maze-ransomware-prevention-security-testing\/","title":{"rendered":"Tackling the Maze ransomware attack with security testing"},"content":{"rendered":"

It can be unanimously and\u00a0<\/span>globally<\/span>\u00a0agreed upon that this has not been a good year. While the world is focused on a virus that has caused a health crisis, a computer virus is sneaking around and wreaking havoc into\u00a0<\/span>our<\/span>\u00a0socially-distanced lives.\u00a0<\/span>\u00a0<\/span><\/p>\n

Digital technologies have played the central role in keeping things as normal as possible, allowing businesses to achieve continuity in their operations. However, several incidents\u00a0<\/span>have been\u00a0<\/span>reported where malicious elements hacked into the online systems and compromised the privacy, security, and integrity of the digital solutions.\u00a0<\/span>\u00a0<\/span><\/p>\n

A ransomware attack early this year<\/span>\u00a0against the\u00a0<\/span>City of New Orleans government<\/span><\/a>\u00a0cost the<\/span>\u00a0city<\/span>\u00a0$7 million.<\/span>\u00a0As per a\u00a0<\/span>report<\/span><\/a>, ransomware attacks are causing businesses more than $75 billion every year and it is expected that by 2021, it will cost $6 trillion annually<\/span>\u00a0as a new business will fall victim to a ransomware attack every 11 seconds. To the very least, these numbers are concerning and paint an ugly picture of the security status of organizations across the globe.<\/span>\u00a0<\/span><\/p>\n

In a ransomware attack, the data of an organization or individual is held hostage. The malware encrypts the files and prevents the users from accessing the data on their device until a certain amount of money is paid to the attackers as ransom for decrypting and releasing the information. In the time when data is everything for a business, a ransomware attack can cripple an organization\u2019s operations and negatively impact their ability to perform necessary actions.<\/span>\u00a0<\/span><\/p>\n

Over the years, we have had to deal with some serious ransomware attacks.\u00a0<\/span>Remember WannaCry in 2017<\/span><\/a>? There were over 200,000 victims and 150 countries affected with online transactions stalled and ATMs shut down.\u00a0<\/span>Usually, the ransomware attacks would threaten to release the encrypted data to the public in case the compromised entities failed to pay the ransom. But these threats were found to be mostly empty, until Maze. The Maze Ransomware is taking it further up a notch.\u00a0<\/span>\u00a0<\/span><\/p>\n

What is Maze Ransomware and why do we need to take it seriously?<\/span><\/b>\u00a0<\/span><\/p>\n

Like its predecessors, Maze too encrypts the victim\u2019s files and asks for a ransom payment in exchange of restoring the data. However, what distinguishes Maze from the early variants is that it follows through on its threat of releasing the stolen data publicly. Earlier known as the ChaCha Ransomware, Maze claim<\/span>ed its first victim in May 2019 and is still on a rampant spree of attacking vulnerable businesses. The malware uses exploit kits, spam emails, and remote desktop connections with weak passwords to\u00a0<\/span>gain entry into a system. Once the malware is in, it laterally spreads across a corporate network and affect<\/span>s<\/span>\u00a0all the systems present in that network. It not only infects and encrypts the data but also steals the information by exfiltrating it to the servers<\/span>\u00a0controlled by the attackers. This means that an infiltration by the Maze malware is a two-way attack \u2013 a data breach and a ransomware attack. Further, if the ransom is not paid, the attackers behind the Maze ransomware\u00a0<\/span>threaten<\/span><\/a>\u00a0to:<\/span>\u00a0<\/span><\/p>\n