DarkSide Explained: The Ransomware Group Responsible for Colonial Pipeline Attack

Fresh Air


Michael schwartz welcome to fresh air the inner workings of ransomware that you found out where fascinating. Let's start with what you learned. The victim sees on the screen when dark side captures the computer system. When the ransomware is uploaded into a victim's computer system the first thing they see is a ransom note. It says at the top welcome to dark side and it contains a list of instructions on how the victim can go about unlocking their data. They have no access to their data and what they need to do. Is they'll rely on dark side by paying a ransom to provide them with a key that will allow them to get these files back and the letter is written in a kind of very formal business. Like manner with very subtle threats. Warned victims are warned. Not to try and tamper with their computers themselves. Try not to access the data themselves because this may result in the loss of the data completely. And so. they're they're instructed to get in touch immediately with the dark side representative to begin negotiations over the ransom and not only locks victims out of computer systems that hackers can steal proprietary data right and this is basically to put added pressure on the business. Not only does the victim risk losing access to important computer files that may be necessary for the day to day running of the business but the hackers will threaten to spill this information into the public domain to be used by competitors to be used by other hackers to carry out additional attacks on the company. And so they're really really hard pressed to act very very quickly to clear this up. The victims

Coming up next