'Commentary'

The latest threat online, ransomware

19 OCT 2016 0

If you read any tech blogs or magazines, chances are you've already heard of ransomware. The online extortion game has been a subject of interest for decades in tech media circles, with the earliest cases stretching back to the late '80s and early '90s. But, this past year has seen an unprecedented explosion of it's use and popularity. 

No longer an interesting and slightly scary fringe behaviour on the edges of the internet, or fodder for cyberpunk paperbacks and speculative security blogs, ransomware has broken into the mainstream. A flurry of attacks aimed at both high profile targets, and run of the mill users just trying to browse the internet, over the past year has sent data security experts into a panic.

Victims of this scam include a Massachusetts police department which was rendered nonoperational until it (embarrassingly) coughed up $500 to an online extortioner. As humiliating as it is for a law enforcement agency to have to admit defeat at the hands of a criminal, the department got off light. A similar attack on the Hollywood Presbyterian Medical Center, which held patient records and ongoing hospital functionality hostage, demanded a hefty $17,000 ransom which the hospital was forced to pay. Of course, these attacks pale in comparison to the millions of Microsoft Office 365 users who were exposed to a mass ransomware attack. It is unclear how many users were actually infected, but Microsoft acknowledged that 57% or the organizations using Office 365 were targeted. Considering over 18 million people use that software, that is not an insignificant number. 

Ransomware scammers are becoming more brazen and audacious with their demands by the month 

Ransomware works by denying access to your own computer and extorting the user to get them back. Like other viruses, ransomware malware can be introduced to a computer through mislabeled executable programs, Trojans, and browser vulnerabilities. Once infected, the program will encrypt as many files as it can, rendering them inaccessible. A message, a ransom note really, will appear onscreen with instructions to send a certain amount of money (almost always in the form of Bitcoins, an online crypto-currency that is difficult to track) to an anonymous address in exchange for a unique password key that will unlock the files. 

Strong encryption is effectively impossible for a private citizen or enterprise to break through. The only realistic way to regain access to those files is by paying the ransom. Outside of that, you have to make peace with losing the data. 

For the average end users, this can be a huge headache. Losing work related files, personal photos and notes, and the general hassle of scrubbing a computer and reinstalling everything fresh. For larger organizations, this is a nightmare that could potentially ruin them.

Ransomware is catching on with cybercriminals because of it's low risk-to-reward ratio and big paydays. Instead of weaseling a few dollars out of some users here and there through old fashion email scams and phishing attempts, ransomware attacks can easily extort hundreds, if not thousands, of dollars out of their victims quickly and easily. 

Everyday, more scammers are catching on to the gimmick. The start of 2016 saw a 35-fold increase in ransomware-related domains, quickly displacing long established scams as the most dominant form of malware observed.

Extorting funds through Bitcoin rather than back transfers or PayPal has allowed these criminals to stay ahead of the authorities relatively unscathed. While there have been a few high-profile arrests here and there, many of the largest and most prominent scam operations have yet to be brought to justice, with law enforcement institutions such as the FBI openly casting doubt on their ability really catch them or slow down the tide of scams. 

While grim, that outlook may be realistic. While security software experts and law enforcement agencies will eventually catch up to the cyber-hostage takers, ransomware is going to be here to stay. There is no way criminals are going to give up on what has proven to be such a lucrative and easy scam. Just as people needed to learn about online fraud and phishing attempts to get them under control, we need to recognize and discuss ransomware as the latest and most pressing online threat today.

Fill out the form below to get started

find out what we can do for you 877 543 3110