Heaptalk, Jakarta — A shocking incident occurred recently. Since Thursday (06/20), the National Data Center (PDN) has been the main target of ransomware attacks. This cyber attack has paralyzed essential services, such as immigration services, and affected about 210 other institutions.
Peris.ai CEO David Samuel said that hackers used the latest Brain Cipher ransomware attack method to target the Indonesian National Data Center. This cyber attack utilizes advanced techniques to infiltrate, spread, and encrypt data in targeted networks. The primary delivery method is via phishing emails, which often contain malicious attachments or links leading to malware downloads.
How ransomware paralyzes the system
Brain Cipher Ransomware employs sophisticated techniques to infiltrate, spread, and encrypt data within targeted networks. Its primary delivery method is phishing emails, often containing malicious attachments or links that lead to malware downloads.
Once inside the network, the ransomware uses various tactics to escalate privileges, evade defenses, and obtain access to sensitive information. For instance, it executes the Windows Command Shell and bypasses User Account Control (UAC) to escalate privileges.
Peris.ai revealed that the ransomware's discovery tactics include registry scanning, system information discovery, and software discovery. These actions allow the attack to map the infected environment and identify high-value targets for encryption.
Credential access is a significant aspect of Brain Cipher’s methodology. It steals web session cookies, credentials from web browsers, and credentials stored in files, providing the attackers with the necessary information to further infiltrate the network or exfiltrate data.
The ransomware’s impact tactic is data encryption, which renders the victim’s data inaccessible until a ransom is paid. This tactic is effective in causing significant disruption to organizational operations, as seen in the recent attack on Indonesia’s National Data Center.
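The behaviour chain described above (command shell execution following a phishing attachment, then discovery, then browser credential access) can be hunted for by correlating process-creation events per host. The following is an added example, not code from Peris.ai or the original article; the event tuples, host names, process lists and the `helper.exe` name are constructed assumptions, and the UAC bypass is left out because the article does not name the method.

```python
from datetime import datetime, timedelta

# Assumed lists: parents that open mail attachments, and legitimate browser processes.
DOC_HANDLERS = {"winword.exe", "excel.exe", "outlook.exe"}
BROWSERS = {"chrome.exe", "msedge.exe", "firefox.exe"}
CRED_STORE_MARKERS = (r"\login data", r"\cookies")  # browser credential/cookie stores

# Constructed process-creation events: (host, time, parent, image, command line).
EVENTS = [
    ("ws-014", "2024-01-01T09:00:05", "winword.exe", "cmd.exe", "cmd.exe /c helper.exe"),
    ("ws-014", "2024-01-01T09:01:10", "cmd.exe", "systeminfo.exe", "systeminfo"),
    ("ws-014", "2024-01-01T09:01:40", "cmd.exe", "reg.exe",
     r"reg.exe query HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"),
    ("ws-014", "2024-01-01T09:04:00", "cmd.exe", "helper.exe",
     r'helper.exe "C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\Login Data"'),
    ("ws-022", "2024-01-01T10:00:00", "explorer.exe", "cmd.exe", "cmd.exe"),
    ("ws-022", "2024-01-01T10:00:30", "cmd.exe", "systeminfo.exe", "systeminfo"),
    ("ws-031", "2024-01-01T08:00:00", "outlook.exe", "cmd.exe", "cmd.exe /c helper.exe"),
    ("ws-031", "2024-01-01T08:05:00", "cmd.exe", "reg.exe", r"reg.exe query HKCU\Software"),
    ("ws-031", "2024-01-01T11:00:00", "cmd.exe", "helper.exe",
     r'helper.exe "C:\Users\b\AppData\Roaming\Mozilla\Firefox\Profiles\x\cookies.sqlite"'),
]

def classify(parent, image, cmdline):
    """Map one event to a tactic named in the article, or None if it matches nothing."""
    p, i, c = parent.lower(), image.lower(), cmdline.lower()
    if i == "cmd.exe" and p in DOC_HANDLERS:
        return "execution"            # command shell spawned by a document/mail client
    if i == "systeminfo.exe" or (i == "reg.exe" and " query " in c):
        return "discovery"            # system information / registry / software discovery
    if i not in BROWSERS and any(m in c for m in CRED_STORE_MARKERS):
        return "credential-access"    # non-browser process touching browser stores
    return None

def correlate(events, window=timedelta(minutes=30), min_tactics=3):
    """Return {host: tactics} for hosts showing min_tactics distinct tactics in one window."""
    per_host = {}
    for host, ts, parent, image, cmdline in events:
        tactic = classify(parent, image, cmdline)
        if tactic:
            per_host.setdefault(host, []).append((datetime.fromisoformat(ts), tactic))
    alerts = {}
    for host, hits in per_host.items():
        hits.sort()
        for start, _ in hits:
            seen = {t for ts, t in hits if start <= ts <= start + window}
            if len(seen) >= min_tactics:
                alerts[host] = sorted(seen)
                break
    return alerts

if __name__ == "__main__":
    print(correlate(EVENTS))
```

A single discovery command from an administrator's shell (host `ws-022`) does not alert; only the combination of tactics inside one time window does, which keeps the rule usable on busy networks.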
Mitigation and Response
To mitigate the threat posed by Brain Cipher Ransomware and similar attacks, the cybersecurity startup calls on organizations to adopt a layered security approach, including:
- Email security: implement a robust email security solution to detect and block phishing attempts.
- User Training: routinely train employees to recognize and report phishing emails.
- Endpoint Security: deploy advanced endpoint protection to detect and prevent malware execution.
- Network Segmentation: separate critical systems and data to limit ransomware spread.
- Backup Solutions: maintain regular backups of critical data and ensure backups are stored securely and offline.
- Incident Response Planning: develop and regularly update incident response plans to ensure rapid and effective response to ransomware attacks.
“Organizations must remain vigilant, continually updating their security practices and staying informed about the latest threat intelligence to combat ransomware attacks effectively,” Peris.ai concluded.