Monthly Archives: June 2017

Ransomware – A Rising Cyber Threat

The ransom business is booming. However, today’s threat doesn’t come in the form of a note composed of letters clipped out of a newspaper. It’s a new spin on the ransom note where criminals unleash an attack on your PC and its data through malicious software called ransomware.

What is ransomware?

Ransomware is a malware that locks your computer keyboard or computer to prevent you from accessing your data until you pay these data kidnappers a ransom. This digital extortion is not new – it’s been around since about 2005. But, the ransom cryptware that encrypts your file using a private key, which only the attacker possesses, has greatly improved.

Is ransomware on the rise?

Ransomware has come a long way since it first showed up in Russia and other parts of Eastern Europe. The growth in digital payment methods, particularly Bitcoin, the most popular method for demanding ransom because it prevents extortionists from being tracked, has greatly contributed to ransomware’s spread.

The FBI recently issued an alert, which included ransomware and fake antivirus scareware scams. The FBI estimates that criminals are netting an estimated $150 million a year through these scams. However, according to identity theft experts, ransomware is far scarier than the scareware scams because when an attack occurs, it can easily escalate from a potential data loss to potential identity theft to a data breach in the form of extortion.

How does ransomware work?

Similar to scareware, this digital assault begins by duping its victim by persuading him/her to click on an infected popup advertisement or taking him/her to an infected website. But, instead of trying to trick their victim into buying fake antivirus software, these criminals hold their victim’s computer hostage and attempt to extort a payment to return his/her data. Very often the ransomware attacker puts pressure on the victim, stating that his/her data will be destroyed in a specified time period if the ransom is not paid.

Often, the criminals only ask for a nominal payment, figuring that the victim will more likely pay to avoid the hassles and heartache (e.g. losing irreplaceable pictures) of dealing with the virus. Yet, when multiplied by thousands, this nominal payment quickly turns into a healthy income for these aggressive attackers.

Ransomware doesn’t just affect desktops or laptops, it also targets mobile phones. In 2015, masquerading as a porn app, ransomware targeted Android users and allowed attackers to lock up the victim’s phone while demanding $500 ransom to regain access.

Today, individuals, businesses, government agencies, academic institutions and even law enforcement agents have been victims. This vicious malware can infect a victim’s digital device via a malicious email or website, or even become infected straight through someone’s computer via a backdoor.

These types of attacks can have a devastating impact, from losing precious personal data to shutting down hospital services in the middle of emergency procedures. That’s why it’s so important to prevent ransomware attacks from happening in the first place.

How to avoid these ransomware attacks?

1.  Use reputable antivirus software and a firewall. Maintaining a strong firewall and up to date antivirus software is critical to preventing a ransomware attack. It is equally important to use reputable antivirus software from a reputable company because of all the fake antivirus software out there.
2.  Back up often. By backing up files to an external hard drive or an online backup service, the threat of a ransomware attack is greatly diminished.
3.  Enable the popup blocker. Popups are the prime tactic used by digital criminals. If a popup appears, click on the “X” in the right-hand corner.
4.  Always exercise caution. Don’t click on links in emails and avoid suspicious websites.
5. If attacked, immediately disconnect from the Internet. Disconnect from the Internet to keep your personal data from being transmitted back to the criminals. Simply shut down your computer and start fresh – re-installing software and downloading backed-up data. If you’re wary about doing this, take your computer to a reputable computer repair shop.
6.  Alert authorities. If you are the victim of ransomware, don’t be tempted to give in and pay the ransom. Ransomware is a serious form of extortion…crime…and your local FBI will want to know about it.

As these cyber criminals become more and more savvy…and potentially threatening, the best offense is still a good defense. Taking precautions to protect your information and continually being alert are the best solutions to avoid becoming a ransomware victim in the first place.