WhisperGate - Why it's Different
Have you heard of WhisperGate yet? It’s ransomware. But it’s not. Let me explain.
First off, ransomware is typically categorized by the fact the files on your computer get encrypted and you can’t get to them until you pay the ransom. You pay the ransom, and then you’re supposed to get the decryption key to unlock your files.
WhisperGate is playing by a different set of rules.
WhisperGate tells you they’ve corrupted your hard drive and if you want to recover your files, you need to pay $10,000 to a bitcoin wallet. Seems like ransomware, right?
Unfortunately, they never send you a decryption key, and while you’re sitting and waiting, they’re overwriting all of your data, so you can’t recover. YOU CAN’T RECOVER.
This is NOT ransomware; this is destructive malware.
There are two cybersecurity awareness opportunities here. First, share information about this ransomware message and let them know how and where to report this when they see it. Second, get together with your IT and disaster recovery people and discuss backups and testing those backups. If all that data is corrupted, how far will your backups take you?
Will these destructive attacks lead to end of people paying ransoms? Will the ransomware trend decline? Only time will tell.
What do you think? Drop a comment below.