I first reported to you in May first’s Scam of the day of the hacking of Larson Studios by the hacking group thedarkoverlord, which demanded a ransom or else they threatened to release the latest season of the Netflix series “Orange is the New Black.”  Larson Studios is a post-production company that works on many Hollywood movies and television shows. Now in an interview with Variety Magazine, Larson Studio’s Vice President, Jill Larson is saying that Larson Studios paid the demanded 50 Bitcoin ransom, but that thedarkoverlord released the fifth season of “Orange is the New Black” regardless, indicating that it did so because Larson Studios had violated their agreement by contacting the FBI.
Thedarkoverlord has performed a number of other ransomware attacks including one in which it hacked a small Indiana charity from which it demanded a ransomware of 50 bitcoins that the charity refused to pay and consequently had its data destroyed.
This story points out the fact that even if you pay a ransom, there are no guarantee that the cybercriminals will honor their bargain.   A recent study done by Spiceworks found that of small to medium businesses who paid a ransom after being hacked with ransomware, 45% did not get their data restored.
The key to not becoming a victim of a ransomware attack is to prevent it in the first place.  Generally, the malware is installed unwittingly by victims when they are lured through phishing and spear phishing emails to click on links infected with the malware.  Never click on links in emails or text messages regardless of how legitimate they may appear until you have verified that it is legitimate.  You should also install anti-phishing software.
It is also important to not only have anti-malware software installed on all of your electronic devices, but to make sure that you update the security software with the latest security patches and updates.  Many victims of ransomware have fallen victim to strains of ransomware for which there are already security software available to thwart it.   Finally, always back up your computer’s data daily, preferably in two different ways in order to protect your data in the event you do become a victim of ransomware.
Ransomware continues to be a growing threat to individuals, large and small companies as well as government agencies, all of which have been targeted by ransomware.  Ransomware malware is readily available for unsophisticated cybercriminals to purchase on the Dark Web. While in the past, the typical manner in which it has been used was to encrypt the data of the target and refuse to release the data back to the victim unless a ransom was paid, the scam has evolved to also include threats of making stolen data public as was done in this instance.
Some older strains of ransomware can be defeated through software that can recover data encrypted by older ransomware programs.  In 2016 through the efforts of international law enforcement organizations and private security companies, the website No More Ransom was launched on which victims of ransomware can go to get decryption tools for many strains of ransomware for free.  Thousands of people have utilized this tool to decrypt their files after a cyber attack  without having to pay a ransom.  Unfortunately, however, there are some newer forms of ransomware for which there are no known decrypting tools developed yet.