Last on our list is Netwalker. This operation has been credited to the ‘Circus Spider’ subgroup of the better known ‘Mummy Spider’ cybercriminal organization. Like evil and Maze before them, Netwalker’s malware is distributed via phishing emails and similar weaknesses, then steals enough data to add the threat of leaking the most sensitive details to the demand for ransom for decryption.
Netwalker is another in the line of RaaS malware we’ve been discussing. They went to a great deal of trouble to publicize their operations and offered to lease the malware to individual cybercriminals for an unusually high share of the total take. If it sounds dangerous to advertise such a service…. it was.
Netwalker stopped operating in January of this year when many of its dark web resources were seized. Sebastien Vachon-Desjardins was charged with various cyber-crimes, including choosing victims, breaching their systems, deploying the malware itself and receiving the ransom payments.
Netwalker seems to attack mainly energy companies, logistics companies and industry. Though they only operated for a few months in late 2020, they have received more than $25 million in ransom.
How can you protect yourself from ransomware and other cyber-attacks like these?
Most experts suggest a multi-pronged approach:
- Train your employees to recognize potential threats and risky behaviors
- Keep up with updates toy our applications and operating systems
- Back up your corporate data regularly, preferably in a repository that isn’t vulnerable to attack
- Perform regular security audits
- Use professional-grade malware protection and incident response product like those offered by PerimeterWatch