Hackers were especially busy last year, developing a new species of malware to worry about. It’s called “ransomware”, and as we continue to look ahead to the new year, it’s going to be an even bigger deal than in 2015.
What Is Ransomware?
Ransomware is malware that asks for a payment in exchange for reversing the effects of the malware. There can be all kinds of ransomware, including scareware (“Your computer is infected: buy this to clean it up”, or FBI letters). Another type simply asks you to pay or else they’ll do something bad to your PC.
Famous brands of ransomware include:
- CryptoLocker (encrypts your files so you can’t access them)
Most ransomware will cause your computer to be unusable. The code gets in there and encrypts everything so you can’t access a thing. The only thing that will unlock your computer will be the encryption key, which is only available from the hacker. It is a tidy system for efficient theft of your money.
Efficient indeed: unlike trojans or keyloggers, ransomware gets right to the point and extracts money from the victim immediately. Keyloggers lie waiting for the victim to type in a credit card number or other personal and useful data. Plus, now that credit card companies have gotten tough with fraud, hacking for credit card numbers isn’t as lucrative as it once was.
These hackers are after serious money to fund their criminal activities. If you are imagining the ransomware hackers are teens in their bedrooms hacking for fun, then you are probably mistaken. More and more, especially with ransomware, it is organized crime behind the hacks.
Often the payments are to be made in Bitcoin, which is not traceable.
Ransomware Attacks Are Spreading Fast
Ransomware attacks doubled in 2015, according to Kaspersky Lab. They found more than 50,000 corporate PCs infected by “cryptolockers”, which are what disseminate ransomware. It is apparently really bad Down Under: a report carried out by the Australian government found that a worrying 72% of their businesses got hit by malware in 2015. That’s up from 17% in 2013*.
As always, it pays to be careful what you click on.
And if you are thinking this is a crime wave only affecting the big corporate giants, think again. It is likely to fan out to smaller business networks and even private devices.
What to Watch Out For In 2016
Most ransomware attacks have focused on devices using Windows. New for 2016, however, is ransomware that goes after mobile devices running iOS and Android. That is just one more reason small businesses will be more likely to have a ransomware encounter this year.
Yahoo just ran a “what’s ahead for 2016” article and along with mobile payments, ransomware was named top security threat for the upcoming year.
Trend Micro predicts 2016 will be “The Year of Online Extortion”!!
In 2015 we saw ransomware directed at financial institutions and big corporations. For 2016, targets will include more gamers, users of digital wallets, and smaller businesses.
- Apple Pay
- Apple App Store
- Android phones
- iOS phones
What To Do If You Get Hit By Ransomware
Not one expert suggests paying the ransom, although many businesses do. It is tempting, especially when the encrypted data is essential. Kaspersky Lab recommends calling in law enforcement as well as computer security experts.
Many pay because of the embarrassing nature of the ransom letters. The letters often make false claims which, if leaked, would cause not just embarrassment but possibly a personal crisis. Imagine responding to the false accusation that child pornography was found on your PC. It is hard to imagine not wanting to pay up immediately just to make it go away.
Reputation is everything, after all.
Nevertheless, nobody recommends paying. Hackers do not always honor the agreement after they have been paid.
Norton Security has steps to follow should you get a letter. They include specific instructions for removing a strain of ransomware called “Moneypak”. This malware makes a fake alert on your computer that looks like a warning from the FBI that you are involved in illegal cyber activity. You must pay a fine or go to jail.
To eliminate the threat of malware, practice safe computing…nothing new here. For businesses with employees:
- Train, train, train your employees about computer security (don’t run suspicious files, don’t click on suspicious links, etc.).
- Keep all your software updated, especially browsers.
- Uninstall Java.
- Make it very clear what your security processes are, then enforce them vigilantly.
- Employ all the latest technology against malware: secure your network!
- Consider “behavioral detection methods”, or system watchers.
- Back up often, and put the backup on a removable hard drive or a remote backup service…not on your hard drive or networked device.
*Source: 2015 Cyber Security Survey: Major Australian Businesses. Australian Government Report.