The Ransomware business is booming
Ransomware is Malware that locks your keyboard or computer to prevent you from accessing your data until you pay a ransom, usually demanded in Bitcoin. The digital extortion racket is not new—it’s been around since about 2005, but attackers have greatly improved on the scheme with the development of ransom crypt ware, which encrypts your files using a private key that only the attacker possesses, instead of simply locking your keyboard or computer.
Ransomware doesn’t just affect desktop machines or laptops; it also targets mobile phones. Last week news broke of a piece of ransomware in the wild masquerading as a porn app. The so-called Porn Droid app targets Android users and allows attackers to lock the phone and change its PIN number while demanding a $500 ransom from victims to regain access.
Earlier this year, the FBI issued an alert warning that all types of ransomware are on the rise. Individuals, businesses, government agencies, academic institutions, and even law enforcement agents have all been victims. The malware can infect you via a malicious email or website, or attackers can deliver it straight to your computer if they’ve already infected it with a backdoor through which they can enter.
Just how lucrative is ransomware? Very. Out of 5,700 computers infected with the malware in a single day, about three percent of victims appeared to shell out for the ransom. And this was based on data from just one command server and two Bitcoin addresses; the attackers were likely using multiple servers and Bitcoin addresses for their operation. (here) But forking over funds to pay the ransom doesn’t guarantee attackers will be true to their word and victims will be able to access their data again. In many cases, Symantec notes, this doesn’t occur.
Ransomware has come a long way since it first showed up in Russia and other parts of Eastern Europe between 2005 and 2009. Bitcoin has become the most popular method for demanding ransom because it helps anonymize the transactions to prevent extortionists from being tracked.
Hospitals are a choice target for cyber criminals who use email “phishing” and other methods to insert ransomware into a computer system. The virus holds the system hostage until the victim pays up.
Hospitals are the perfect mark for this kind of extortion because they provide critical care and rely on up-to-date information from patient records, without quick access to drug histories, surgery directives and other information, patient care can get delayed or halted, which makes hospitals more likely to pay a ransom rather than risk delays that could result in death and lawsuits.”
But the potential targets include everyone who participates in the digital economy, as well as the federal government.
“After infiltrating a person’s computer,” the senators noted, “the virus encrypts a user’s files until a ransom is paid, usually in the form of Bitcoin or other difficult-to-track crypto currency. Infected users face the difficult choice of paying the ransom or losing their files forever.”