Battling Ragnar Locker: Understanding the Threat & Countermeasures

In this episode, our co-hosts, Brian Fernandez, and Benjamin Ang, Head of Cyber and Homeland Defence at NTU Singapore, are accompanied by special guest Lauro Burkart, the Director of Cybersecurity services from Sygnia who shares his insights on ransomware and how to steer clear from it.

The focus of this episode is the notorious Ragnar Locker, one of several organized groups responsible for high-profile ransomware attacks in the Asia Pacific region.

Lauro sheds light on Ragnar Locker’s modus operandi in this region, emphasizing their use of advanced techniques such as the “double extortion technique.” This method involves threatening to publicly release critical data unless the victim pays the ransom.
Despite industries like power, oil and gas, and transportation having high resilience against such attacks, Ragnar Locker specifically targets these critical infrastructures, setting them apart from other ransomware groups. Notably, the group has successfully targeted 52 entities across ten different sectors worldwide in the past three years.
Lauro Burkart also provides practical measures for all companies, regardless of size, to safeguard against ransomware. These measures include regular system updates, blocking unauthorized access to remote administration tools, implementing two-factor authentication, conducting proactive war game simulations, and seeking guidance from trusted partners for accurate advice.
Furthermore, Lauro dispels a common misconception among small businesses that they are immune to such attacks since they are not critical infrastructures. He emphasizes that although Ragnar Locker primarily targets critical infrastructure, other equally sophisticated and professional ransomware groups can target any organization.