A Blog by Jonathan Low

 

Jan 11, 2015

The Rise of Ransomware

Hacking in order to steal data from which money can then be gleaned is the cyber crime that garners the most attention. But the Sony hack revealed the tactic which is far more common: holding individuals' and enterprises' data for ransom, to be released only when the hackers' price has been met.

Ransomware, as it is called, enables the hackers to lock down the victim's computer. Should whoever is unlucky enough to suffer this sort of attack refuse or be unable to give the perpetrators what they want, the data can be stripped of anything valuable or released publicly - or both.

The reality is that with so much of the economy having moved online, it is only logical that criminals would do so as well. While law enforcement authorities are well aware of the threat, neither their budgets nor any nation's laws have kept up. In another generation this challenge will likely be lessened by built-in security protections and a more aware - and adept - populace. In the meantime, it's hunting season - and the environment is target rich. JL

Steve Weisman comments in USA Today:

Lost in much of the discussion of the recent hacking of Sony was that in their initial communications, the hackers attempted to extort money from Sony in return for not making public the private data and e-mails stolen by the hackers. Sony refused and soon thereafter the Internet was flooded with much of the material stolen, including embarrassing e-mails of Sony executives.
The more common ransom hacking scenario, however, involves the hacker locking the computers of its victim and preventing access to any of the information stored on the company's computers unless a ransom is paid.
Although many people are not familiar with this particular type of extortion, it has been going on for 25 years. Just last summer, Code Spaces, a code-hosting and software collaboration company, was put out of business when its data was destroyed by hackers when the company refused to pay a ransom after falling prey to a ransomware malware attack.
But this is not just a problem for corporations. Much of the focus of hackers has been on individual computer users like you and me. You first notice that you have become a victim of ransomware when you find your computer frozen and a message on your screen tells you that your computer will remain frozen until you pay a ransom. The ransom is generally required to be paid by MoneyPak cards, bitcoin or other untraceable funds.
Over the past few years, new versions of ransomware with names such as CryptoLocker, RIG and most recently OphionLocker have been developed by hackers in their continuing battle to stay ahead of security software developers. These ransomware malware programs generally encrypt your files, making them unreadable by you unless you pay the ransom, which has ranged from as little as $200 to as much as thousands of dollars.
In many instances, the ransom demand is tripled if the ransom is not paid within a few days. In return for paying the ransom, you are told that you will receive the private key necessary to retrieve your files. Unfortunately, in some instances, people who even paid the ransom have found the hacker never provides the key and their files were effectively lost forever.
As with much of the malware that threatens us all, ransomware malware is sold on black market websites by the criminal masterminds who create this type of malware. Some of the programs have been sold for as little as $60 per day.
As with many types of malware, most ransomware malware is unwittingly downloaded by victims when they click on tainted links, download tainted attachments or even click on phony advertisements. In many instances, the phishing e-mails containing CryptoLocker ransomware malware have purported to be from Federal Express, UPS, the U.S. Postal Service and even security software companies McAfee and Symantec as well as many other companies and many other guises.
This just serves to emphasize my mantra: "Trust me, you can't trust anyone." To avoid malware, never click on links or download attachments regardless of how legitimate they may look until you have independently confirmed that the links and attachments are legitimate.
RIG ransomware malware has been spread through malvertising. Malvertising is legitimate-appearing advertising that may be found on legitimate websites unwittingly carrying the advertising without knowing it is a scam. Links in the malvertising when clicked on download the ransomware malware onto the computer of the unwary victim.
So what can you do to protect yourself?
The best way to protect yourself from ransomware malware is to avoid it in the first place. Have a good firewall, good anti-virus software and good anti-malware software installed on your computer, tablet and other mobile devices and keep that security software updated.
However, it is important to remember that the security software companies are always playing catch-up with the hackers, so your security software will not always protect you right away from the latest strains of malware. Also, back up everything on your computer, tablet, smartphone and other electronic devices in the cloud or on a USB drive. Finally, never click on links or download attachments unless you have independently confirmed that the communication or advertisement is legitimate.
In the case of advertising, it is easy to go directly to the company's website rather than click on a link in an advertisement that you can never be sure is legitimate or not. Even e-mails from friends can actually be e-mails from friends whose e-mail accounts have been hacked by scammers, so confirm before clicking on a link in an e-mail from anyone. It is also a good practice to have different passwords for all of your various accounts and to change those passwords every six months. Although this sounds like a difficult task, it need not be. You can find some hints on how to pick easy-to-remember passwords in my book Identity Theft Alert.
If you do find yourself a victim of a ransomware malware infection, paying the ransom is rarely a good choice. Rather, you should consult your security software company for help or a reputable security expert for assistance in removing the malware. In addition, two security companies, FireEye and Fox-IT, have created a website that offers free assistance in unlocking systems infected by CryptoLocker.
