Tag Archives: computer virus

Ransomware– Pay-Up or Else– Billion Dollar Nightmare: Everyone is Vulnerable to Cyber– Extortion, Ransom…

Ransomware is one of the fastest-growing trends in cyber-crime: A clicked URL here, an opened file there, and suddenly your computer is infected with malware that either prevents you from accessing your machine or, worse, encrypts your work documents so you can’t access them… By the time you recognize something is wrong, it’s too late. Cyber-criminals have kidnapped your data and want you to pay up to get it back…  Estimates from the FBI put ransomware on pace to be a $1 billion dollar source of income for cyber-criminals…

The average ransom demand is now about $679. That’s more than double the average demand of $294 observed during attacks in 2015… And more troubling is that less than 50% of victims fully recover data... Ransomware propagates itself as a Trojan, e.g.; fake emails are the most often used distribution method, ahead of– websites, social media, attached infected Word documents… Ransomware is different from other malware and viruses because it’s nearly impossible to break it… In many cases, even the most accomplished coders can’t break the complicated algorithms to get access to the files without paying ransom…

In the article Ransomware a Top Threat by Lucian Constantin writes: Ransomware increasingly hits– businesses, hospitals, public utilities, public transit systems, and even police departments… According to Ed Cabrera; over the past two years there has been a dramatic shift in the type of ransomware being used by attackers… In 2014, 80% of ransomware attacks used traditional techniques, e.g.; locking desktop screen and telling users that they needed to pay fines… However, in 2015, the statistics flipped and 80% of attacks involved malicious malware programs that encrypt files…

Still another evolution is the transition from targeting individuals to organization and enterprises… This change in target is not entirely unexpected; after all business records are much more valuable than personal documents… and organizations can afford to pay higher ransoms than individuals… According to Liviu Arsene; ransomware are now focused on small and medium businesses, since they are more likely to pay larger ransom than the average individual, e.g.; a hospital paid $17,000 when hit by a single ransomware infection… which makes organizations and enterprises much more valuable targets for cyber-crime… 

Ransomware attacks can be devastating; they can cripple day-to-day activities… common entry points in many organizations are; human resource and financial departments, because it’s easy to disguise malware as, e.g.; resume, invoice… And when target are critical infrastructure provider, such as; hospitals, transportation services, communications… impact on these organizations can be catastrophic; unfortunately in these situations there are few realistic options aside from paying the ransom… In these devastating attacks, victims are usually redirected to ‘exploit kits’ via compromised websites or through malicious ads…

Unlike phishing emails these are drive-by-download attacks and it’s difficult to avoid them, since they are launched from trusted websites and are usually completely silent… These are hard decisions; security experts and law enforcement typically recommend that victims do not pay ransoms because it rewards criminals, and there are no guarantee that the attackers will fully recovery the data or provide an decryption key… According to Kaspersky Lab; one in every five organizations that pay ransom never get full-data back… However, for most organizations the decision is simply financial; it’s cost-based, e.g.; comparing– ‘costs lost’ (i.e., lost revenue, reputation, customer support, intellectual property…), versus ‘pay ransom’ (i.e., accepting unintended consequences)…

Incidents of Ransomware on the Rise: Hospitals, schools, government, law enforcement, small business, large corporations, individuals… are all targets for ransomware… It’s  an insidious type of malware that encrypts and/or locks valuable files and demands ransom to release them… According to James Trainor; paying ransom does not guarantee anything– it’s no win situation– even when victims pay they may not get full recovery… plus it emboldens criminals to target even more organizations… In addition, criminal/terrorists use the funds obtained from ransom to engage in other illegal, immoral activities.

Ransoms are profitable enterprises, and it’s very easy for cyber-criminals to organize and manage attacks when they represent themselves as legitimate enterprises… According to McAfee; cyber-criminals have figured out that they can hide/disguise themselves as legitimate enterprises… hence they make much more money, more easily, more safely with cyber ransomware, than with, e.g.; dealing drugs or other illegal activities… But key question; Should victims pay ransom?

Ransom amount vary (it’s market based system): It can be few hundred dollars, or $5,000 or more... And unfortunately victims are in no win situation– it extremely unlikely that the victim can break the malware or encryption… Hence, the decision to pay, or not often comes down to just a few limited options, e.g.:

  • No backup? Pay the ransom: If victims lack any form of file backup, they have no choice but to pay the ransom and hope they get files back. (According to survey of 300 experts; 19% of victims that paid the ransom still didn’t get their files back.)
  • Try restoring from backup: If victims have backup, they should try restoring a clean version, though in many situations customers will be down during the hours and days it takes to restore files.

Third option: Business continuity– it’s the ability for an organization to continue operations even in a disaster situation… Many organizations have plans in place for, e.g.; natural disasters, power outages, other disruptions… But few organizations have– ‘e-crisis’ response plans for cyber threats… Organizations (and individuals) must take cyber-attacks serious and develop effective contingency ‘continuity plan’ to protect themselves…