The threat of hacks and cyberattack has long been worrisome for anyone who uses a computer, which is pretty much everybody by now. Through dangerous malware, viruses, worms, DDoS attacks, and more, cyberattackers have become proficient in launching assaults on some of our most precious hardware. Trends in cyber warfare, much like in actual warfare, evolve over time, with many working to combat the latest threats. Identifying these trends then becomes important, and one such trend that is sending waves through the security community is that of ransomware (sometimes referred to as crypto-ransomware). The attributes of this trend are a major reason so many people are so concerned about it, and the problem only looks to be growing.
Part of the frightening aspect of ransomware is that it works much differently than other types of cyberattacks. Hackers have traditionally sought to at least attempt to steal valuable data like bank account numbers, then turn around and sell that information on the black market. Ransomware takes this process and simplifies it greatly, instead getting rid of multiple steps between the attack and the profit.
Ransomware works by infiltrating a network or computer with a type of malware, which then encrypts data within the infected zone. That data is then held for ransom, with users told to pay the attackers a certain amount of money before the data is freed. The most common type of payment is usually through bitcoin. No data is actually stolen, but most victims still feel helpless and vulnerable after an attack.
Why ransomware is growing
There are many reasons ransomware has gained in popularity among cyberattackers, particularly in Eastern Europe. The tactics, as described above, are simply less sophisticated and require fewer moving parts when compared to other types of attacks. Ransomware also makes it much more difficult to find the culprits. That’s a big reason bitcoin is used; it is almost untraceable – a valuable attribute for hackers that want to remain anonymous.
Most ransomware demands only ask for a few hundred dollars to release encrypted data, a price many users are willing to pay to get peace of mind back. As a result, many attacks aren’t even reported, making it difficult to compile numbers.
Ransomware isn’t exactly a new phenomenon. The software and strategy behind it has been around at least since the mid-2000s. However, during most of that time, ransomware attacks were largely ineffective. That has all changed significantly in just the past few years.
Ransomware really took off in 2013 with the arrival of Cryptolocker, a type of encryption that ended up infecting around 150,000 computers every single month during its reign of terror. With millions in payments received, the criminals behind it appeared to be sitting pretty until law enforcement finally cracked down on them. Even so, the dam had broken and a flood of new ransomware attacks rose up.
Perhaps the highest-profile example of a ransomware attack occurred at a Los Angeles hospital earlier this year, where vital health data was held hostage by attackers for two weeks. The hospital eventually agreed to pay the ransom of $17,000 to get its data back. This is just the latest example of other attacks on hospitals – a preferred target for ransomware attackers since many hospitals are busy moving paper files to the digital realm.
There are plenty of efforts out there to combat ransomware. As an example, a programmer released a special tool that releases data for those who became victims of Petya ransomware. But as in most cases, the most effective treatment for ransomware is to never become a victim in the first place. Best practices in line with preventing malware also work well for stopping the tide of ransomware attacks. That means being extra vigilant when opening emails with suspicious links or attachments. Passwords need to be strong. Businesses and individuals alike need to make sure their computers are upgraded and software is patched. Placing protections (anti-virus software, firewalls, etc.) over everything from networks to software defined storage should also be a priority.
Ransomware is certainly a frightening trend, but it’s one that can be stopped. With the right preparations, there’s no reason we shouldn’t see the number of victims drop over the next few years. Turning ransomware tactics into a fruitless exercise is the surest way to get cyberattackers to move on to something else.