What is DarkSide Ransomware?
Powering its way onto the threat landscape in Summer 2020, the DarkSide ransomware operation involves a group of threat actors deploying highly targeted attacks. These attacks have a variety of ransoms attached, depending on the organization’s ability to pay (as studied by the group). DarkSide does not refer to a specific type of ransomware, as the group creates a customized executable file for each target.
How to Recognize This Threat: As with any ransomware, DarkSide is not interested in being secretive once it infects a network. Files will be encrypted and a message will display with the ransom amount required to unlock them. Additionally, victims suffer data exfiltration, with that information posted to a data leak site to further encourage payment.
How to Prevent This Threat: As with most threats, a multi-faceted approach is key. A trained workforce that behaves responsibly online is a good start. But for further protection against DarkSide and other ransomware, a next generation firewall with the latest security services can help find and block these threats. Additionally, regular backups of network files make restoring your business possible without the need for an encryption key.