Researchers at Heimdal Security have detected a new ransomware dubbed DeepBlueMagic. According to Heimdal, it is particularly concerning because it is able to disable security tools that companies have employed in order to avoid detection. After the security tools are disabled, the ransomware is deployed and encrypts entire hard drives, except for the system drive. DeepBlueMagic uses other tools to make the recovery of the drives impossible.
Ransomware strains continue to pop up at a rapid pace, showing that there will be no abatement to the problem any time soon. The threat actors are creating nasty strains at a feverish pitch and deploying them faster than companies can keep up.
Prevention continues to be the top strategy, including using basic cyber hygiene. We continue to see successful attacks using old tricks against known vulnerabilities, including the lack of multi-factor authentication, VPN vulnerabilities, failure to patch known vulnerabilities, and remote desktop protocol vulnerabilities. It is crucial to stay on top of these vulnerabilities to prevent known and new strains of malware and ransomware like DeepBlueMagic from deployment in your system, and the subsequent chaos and loss it can cause to your business.