The Ryuk Ransomware uses the Wake-on-Lan feature to turn on powered off devices on a compromised network to have greater success encrypting them.
Wake-on-Lan is a hardware feature that allows a powered down device to be woken up, or powered on, by sending a special network packet to it. This is useful for administrators who may need to push out updates to a computer or perform scheduled tasks when it is powered down.
According to a recent analysis of the Ryuk Ransomware by SentinelLab's Vitali Kremez, when the malware is executed it will spawn subprocesses with the argument '8 LAN'.
... ... ...