The Rise of Ransomware and the Future of Cybercrime
Written By
On January 2, the New York Times published an opinion piece entitled, “How My Mom Got Hacked,” a review of one woman’s experience helping her mom traverse the complex, and unfortunately growing, landscape of ransomware.[1] Ransomware is a type of malware that encrypts a system’s data, thereby restricting access to that data until a certain amount of money – the ransom – is paid. At that point, the cybercriminal will (allegedly) provide the encryption key. Typically ransomware attacks are carried out through infected e-mail attachments and network attacks. While forms of ransomware have been wreaking havoc since 1989, the complexity of ransomware attacks and the amount of extortion victims have skyrocketed in recent years. In fact, McAfee Labs recently released a set of threat predictions for 2015, and highlighted ransomware as a key player in the future of cybercrime.[2] This is not surprising; ransomware is an increasingly pervasive type of malware. For example, the strain known as “Cryptolocker,” which was disrupted by a group of law enforcement agencies in mid-2014, was especially profitable, having targeted an estimated 500,000 victims and netting $3 million. [3]
The New York Times opinion piece highlights the fact that ransomware does not merely attack grandmothers sitting in front of “big, boxy PC computers.” A timely reference must be made to the recent Sony hack. Three days before cybercriminals hacked into Sony Pictures, two Sony executives received an e-mail that requested “monetary compensation” if Sony did not want to be “bombarded as a whole.”[4] Ransomware threats are made to any and every type of victim – from individuals sitting at personal computers, to entire healthcare organization systems. And the threats are increasing every minute – even to mobile phone users. With increasing Internet connectivity and the rise of the Internet of Things, ransomware attacks are simultaneously rising as well.
While there is no easy, one-step solution to combatting ransomware, there are certain measures we can take to protect our Internet-connected devices. First, be proactive: utilize programs that provide e-mail server scanning and filtering and web and host security (like anti-virus software), and continually update systems and software to stay on top of security improvements. There are more aggressive measures that may prove beneficial to certain organizations as well, such as the use of packet capture systems, software whitelisting products, and/or the generation of enterprise Secure Socket Layer and Transport Layer Security keys to combat ransomware that establishes hidden connections to your data. It is also necessary to organize and sustain a backup plan for your system, complete with separate, offsite drives and a specific backup schedule. However, one of the key aspects of maintaining a backup system is to understand what the costs are – both direct and indirect – to get to your backed up data and get your network back online. Trial run-throughs relating to your backup plan can assist in truly appreciating how you will respond to an attack. Also, do not underestimate the importance of exercising caution while scrolling through your e-mail inbox – suspicious links should be handled carefully. While these are merely general guidelines, the most significant piece of advice is to prepare, prepare, prepare for the worst. Assume that you will receive a ransomware threat – either at home or at work – and plan accordingly to detect and respond to it.
[1] Simone, Alina. “How My Mom Got Hacked,” New York Times, 02 Jan. 2015. Web. 05 Jan. 2015.