/tags/ransomware/Recent content in Ransomware on SecurosisHugoen-usTue, 05 Sep 2023 09:23:37 -0400/research/howto/awsbackup/Tue, 05 Sep 2023 09:23:37 -0400/research/howto/awsbackup/<p>tl;dr - here is a <a href="https://github.com/primeharbor/pht-awsbackup-management">link to the scripts</a></p> <h2 id="what-ransomware-in-aws-looks-like">What Ransomware in AWS looks like</h2> <p>In a typical ransomware attack, a threat actor will attempt to encrypt files on critical machines belonging to the victim. In exchange for a cryptocurrency payment, the threat actor will provide the decryption key and software to the victim, who then has to go through the arduous process of restoring their machines. The encrypted data is typically lost forever if the victim refuses to pay the ransom.</p>