NetWalker (sometimes calling itself Mailto) refers to a dangerous ransomware group that specializes in targeting Windows platforms. They’ve been around for quite some time, but 2020 has seen them launch some of the dreariest attacks.
Like most ransomware families, they target your computer networks, encrypt your files, lock you out, and demand payment for granting you access to the systems. However, NetWalker is notorious for its insistence that ransom must be paid in cryptocurrency.
Of course, the consolation is that you have backed up all your data. If NetWalker attacks you, all you have to do is block them and resume normal operations — right?
With that reasoning, you are probably wondering how NetWalker has managed to extort more than $29 million since March this year alone.
Have you ever been in a position where you have to choose between denting your reputation or dishing out a few bucks? Well, maybe not that few — by the fourth quarter of 2019, organizations had to part with $84,116 on average for each ransomware attack.
NetWalker knows very well that data is the organization’s most valuable asset. So, they will give you two options — you either pay up, or they post private company credentials and those of its affiliates online.
Precisely. However, having all your data backed up is a good starting point. At least you can be sure to maintain essential operations as you try to find a long-lasting solution. This gives you better bargaining power with the attackers than if you had no backup.
If you can find a way to lock the attackers out, you could be as good as done. But then again, there is the threat of exfiltrated data. If NetWalker releases your files to the general public, it’s not only the organization that will be disadvantaged. You risk losing out with your affiliates who trusted you to protect their data. Just a heads up, rebuilding reputation lost in this manner is not a walk in the park.
This is what makes NetWalker more dangerous than regular cyberattackers. They learned the trade of blackmail and extortion from the likes of Maze ransomware and perfected it.
NetWalker, like many other ransomware groups, has been keen on weaponizing the Coronavirus pandemic. The next time you are clicking on an embedded image or link in your email, be sure it’s not from NetWalker. Many unsuspecting users have fallen for this trap — emails with very catchy wording inviting you to click a link to access COVID-19 awareness material. The next thing you realize is that you cannot access your files, and then that message demanding ransom pops up.
The group is also notorious for using a bogus version of the password management app Sticky Password. The moment you or your users run the fake app, your files are encrypted.
That shouldn’t scare you as much as the fact that NetWalker is now offering ransomware-as-a-service (RaaS). It is supplying software and infrastructure to affiliates, who use them to launch attacks, for an affiliate fee.
What’s the danger with RaaS? Well, the gang prefers trading their tools to those who are experienced in successfully breaching corporate networks. An experienced crew is granted access to some of the most lethal ransomware tools to hack your systems.
Some of the most talked-about attacks include
We would say it’s because they are cunning; they do not step on the ‘wrong toes.’ From the list of successful attacks that they have launched, it is pretty clear that NetWalker and its affiliates do not target networks belonging to CIS or Russia. This is seen by many as an effort to keep these two authorities off their radar.
Apart from the two entities, NetWalker does not discriminate on the type or scope of organizations they attack. What this means is that you are also a potential target.
Generally, it’s by being prepared. Always assume that you are the next target.
The following questions should help you gauge your level of preparedness:
To some, it has been a life-threatening encounter. Organizations take years to recover from the scare of a single cyberattack.
In IT, we say you are only as financially stable as your next cyberattack. Learn from the experience of other organizations. It may be too late if you wait for NetWalker to attack you.
Contact Veltec Networks for any queries. Call us today at (408) 797-0756, and let’s discuss your network’s security.