The way ransomware works is to encrypt files from the victim's system so that they cannot be accessed. Well how fast can ransomware encrypt large files?
In tests conducted by Splunk, a big data analytics company, it was found that the most powerful ransomware could encrypt 53 GB of data in four minutes and nine seconds.
Splunk tested five different ransomware variants, each of which was infected to four different types of victims. Of the 400 tests run, it was revealed that the LockBit ransomware run on Windows Server 2019 -based computers was the strongest ransomware variant.
The 53GB of data consists of 98 thousand files, which come in various forms, from PDF, Excel, to Word. In addition to LockBit, there are also other popular ransomware names such as REvil, Darkside, Babuk, Maze, and several others.
While in the 2nd rank there is Babuk, although it is noted that one of the samples took 3.5 hours to complete the encryption, as quoted by us from Techspot, Tuesday (29/3/2022).
Splunk disseminates the findings comprehensively, so that companies can develop a strategy if they are later exposed to ransomware attacks.
For example, by implementing multi factor authentication, network segmentation, centralized logs, and constantly patching security loopholes in the system.
In addition, data from Splunk is also important for the company's cybersecurity team to determine strategies in rescuing data before it is fully encrypted. However, only 53GB of data can be encrypted in 4 minutes, there may not be much data that can be saved when exposed to ransomware attacks.