Sophos explains how it works and how you can defend yourself against Conti ransomware, one of the cyberthreats that has been infiltrating corporate networks for a year
Multinational leader in the latest generation of security, Sophos protects more than 400,000 companies of all sizes in over 150 countries from the most advanced cyber threats. Developed by SophosLabs – global research team – the cloud-native and AI-integrated security solutions protect endpoints, servers, mobile devices and networks from ever-evolving threats, including automated breaches, ransomware, malware, exploits, data theft, phishing, and more.
Precisely because of these capabilities, Sophos Rapid Response was called in to analyze, neutralize and respond to the “human-operated” Conti ransomware. The attack develops over 5 days, from the moment of the initial compromise to the restoration of business operations. After stealing and encrypting sensitive data, the perpetrators threaten to publish it on the “Conti News” site if the ransom is not paid. Let’s find out what to do in case of an attack and how to defend ourselves against Conti ransomware.
The three-part report released by Sophos, “The Realities of Conti Ransomware“, is formed from:
Peter Mackenzie, manager of Sophos Rapid Response, explained the following:
In cases of human-operated attacks, those leading the offensive can adapt and react to changes in real time. In this case, access to two servers was gained at the same time, so when the victim detected the attack and disabled one of them (convinced that they had blocked the ransomware), the cybercriminals had to do nothing but switch to the other server and continue their attack undisturbed. Having a plan B is a common approach to human-operated attacks and is an important reminder that blocking suspicious activity on your network doesn’t mean the attack is over.
The site “Conti News” has published to date the data stolen from 180 victims; Sophos created a profile of the victims based on this data (which covers approximately 150 companies whose data was published at the time of the analysis). Here is the list of actions that will help IT managers cope with the hours and days following the attack.
This will block Conti ransomware and associated files. While it’s not a walk in the park, at least a method has been found to counter these ongoing threats. Having your computers hacked, especially for a company, is never a good thing. To understand how hackers operate, I invite you to read the Cisco Talos interview with one of them. Did you know about this ransomware? Have you ever had to deal with it? Let us know in the comments. In order not to miss further news from the software universe, keep following the pages of tuttooteK!