Expert's advice: Cold weather is increasing, do not take medicine indiscriminately if you have a cold As the country, including Kathmandu, has started to experience extreme cold, experts have suggested not to buy medicine if you have a cold this season. Children and senior citizens especially need more care during the winter season. Experts have urged people to take necessary precautions, saying that children are more likely to suffer from respiratory problems, colds, throat infections, stomach aches, etc. during the winter season. Pediatrician Dr. Ramhari Chapagain of Kanti Children's Hospital says that respiratory problems, pneumonia, and 'cold diarrhea' (cold-related diarrhea) are more common during the winter. 'Nutritious food is needed to protect children from colds. Although children need nutritious food at any time, they need it more during winter than at other times. It helps in digesting common diseases,' he said. He also said that all the vaccines pro...
What is data exfiltration? How dangerous is it than ransomware?
For the past few years, various organizations have been facing ransomware attacks. Such attackers steal victims' data and demand cryptocurrency as ransom.
Due to poor security policies, untested backups, etc., organizations have become victims of such attacks due to insensitivity.
Not paying attention to your organization's cyber security has been a boon for ransomware attackers around the world.
Due to this, there is a continuous increase in ransomware attacks. But due to the falling value of cryptocurrency for some time, the value of the ransom demanded after the attack has decreased.
In addition, due to the vigilance shown by organizations for their security, ransomware attacks have also affected.
This forced the attackers to find another way for the attack and ransom. Meanwhile, another way they are looking for is 'data exfiltration'.
It is also called Xfill. It is like a kind of espionage, which is now affecting various organizations around the world.
What is exfiltration?
In general, this word is used by the army. In military activities, the work of evacuating the troops from the place controlled by the enemy is called exfiltration.
In the field of cyber security, cyber attackers stealing data from personal or corporate devices, such as computers and mobile phones, through various cyber attack methods, is called 'data exfiltration'.
In the last few days, the organizations are becoming victims of exfiltration. A few months ago, a large amount of data was stolen from Nvidia, Microsoft and other companies.
This was a bigger attack than a ransomware attack. A hacker group named 'Lapsus' released the source code of Nvidia's deep learning super sampling resource.
In general terms, data exfiltration is the unauthorized theft or transfer of data from a computer or device.
It works by stealing highly sensitive data of the organization and making it public. In 'data exfiltration' the attacker does not use an encrypted system as in a ransomware attack.
Attackers can use encryption to hide their tracking. But after data theft, keeping it a secret and demanding ransom from the victim does not work.
It directly exposes data, which can lead to financial loss or simply theft of information. This information can be used for any purpose.
How is exfiltration different from ransomware?
In a ransomware attack, the attacker installs malicious software on the target computer to gain access to sensitive data and keep it encrypted.
After that, after receiving the amount of ransom they asked for, they return the data to the relevant organization. Thus, they take cryptocurrency as ransom.
Since cryptocurrency transactions are based on blockchain, it prevents attackers from tracking them.
In ransomware, the attacker does not disclose the stolen data. It has the intention of making more money than causing losses to the company.
In order to make quick money like this, sometimes attackers threaten to release data or release some data.
Likewise, ransomware is often automated. That is, the attacker does not spend a lot of time stealing data and waiting for it. He installs malicious software one after the other on the device of the target organization.
Exfiltration steals the same data as ransomware, but it takes more control of sensitive data such as social security numbers, credit card details, passwords, personal data and phone numbers.
Data can be stolen in two ways. The first attacker is present himself to steal data from the device and the second steals data through automated software using malware as in ransomware.
But the stolen data is made public in this way. It does not mean asking for ransom only from the related organization. Attackers knowingly sell such data on dark web forums.
This type of attack is done to bring out the confidential data of a company or to do other things that harm the company. For this, the ransom amount is not a big thing.
How much riskier is exfiltration than ransomware?
Making data public is a big challenge in itself. Exfiltration is used in business to steal and use the secret strategies of competitors, to break someone's privacy by bringing out any sensitive information, etc.
It can do everything from spoiling someone's relationship to affecting business, spoiling the image in the society and so on.
In ransomware, the problem may be solved after the attacker gives the amount demanded, but in exfiltration, there may be no chance of solving the problem.
It directly affects the target person or organization. This type of attack has also increased the demand for intellectual property protection in the world.
Comments
Post a Comment
If you have any doubts. Please let me know.