The effectiveness of a ransomware when it comes to encrypting data is vital to measure its danger. And some are incredibly fast…
What reaction time do system administrators have when they detect that a ransomware has penetrated your network?
It depends on the amount of data they manage, but the reality is that time is short… very short.
The Splunk website has been testing with top 10 most dangerous ransomwareand some data leave with the mouth open. LockBit, for example, encrypts 50 GB of data in less than 4 minutes. Quite a record, considering that professional encryption programs take hours…
Ransomware is a special type of malware, the most widely used today, that “hijacks” the victims’ computers.
When it sneaks into the system, encrypts all data on hard drives, and then asks for a payment for providing the decryption key. Without that key it is almost impossible to recover the data, because the encryption is very difficult to break, unless you use quantum computers.
Encrypt the data It consists of applying an algorithm that changes them completely, and they can only be recovered with the decryption key, which carries out the opposite process. It is a task that requires processing power and mathematical operations, that’s why it takes a while.
Here it is ransomware key: If it takes hours to encrypt the data, it can give system administrators time to save the most important data, and even expel the ransomware. The faster it is at encrypting, the more dangerous it is.
The Splunk website has carried out a ransomware encryption benchmark, using various samples with up to 100,000 filesstored on servers with Window 10 and Windows Server 2019.
Splunk only offers the complete results under professional registration, but it has revealed some data. For example, the fastest ransomware is LockBit, which in their tests took only 4 minutes and 9 seconds to encrypt 53 GB of data of all kinds: PDFs, World documents, photos, videos, etc.
In this table we can see the average of all the tests, since there were ransomware that got stuck with individual files, taking several hours:
On average, administrators have about 42 minutes to respond to a ransomware attack, before losing 50 GB of data. But with LockBit and Babuk, this time is just over 5 minutes.
In 5 minutes you can barely save critical files, or panic…
Looking at these results, it seems clear that the only effective way to fight ransomware is to make backups every day.
George is Digismak’s reported cum editor with 13 years of experience in Journalism