Ramsay malware reportedly able to steal documents from air-gapped networks

Reports of a new hack now arrive every day, and it is possible that some of these hacks took place earlier but are only being revealed now for some reason.

Researchers are also finding some old malware that has been coming back. But they have now also found a new type of malware that has never been seen before inside any system. This new malware has been named Ramsay, and we don't know why it was given that name.

The point here is that it is quite a dangerous piece of malware and can cause harm to a lot of systems. Researchers from cyber-security firm ESET announced the discovery of this malware today and gave quite a lot of details.

As per ESET researchers, this “malware toolkit appears to have been designed with features to infect air-gapped computers, collect Word and other sensitive documents in a hidden storage container, and then wait for a possible exfiltration opportunity”.

The most important thing about Ramsay is that it is hard for malware to jump the air gap, and now that we know Ramsay can do so, we have to be careful about it being around.

ZDNet says that we “rarely see malware that contains the capability to jump the air gap, considered the most strict and effective security protection measure that companies can take to safeguard sensitive data”.

So we also need to understand what air-gapped computers are. As per researchers, air-gapped systems are computers or networks that are isolated from the rest of a company's network and cut off from the public internet. This means that if they don't come in contact with other systems, they can't get infected. But since this malware infects them as well, it is understandably quite dangerous.