March 2016: Ransomware Is On the Rise
In the cyber equivalent of armed robbery, cyber criminals are now using a form of malware called "ransomware" to hold computers, servers, and entire networks hostage. Ransomware encrypts all of the files on a computer, leaving its victims unable to access their systems and their data until a ransom is paid.
Methods of Infection
- Direct breach of a network or system through traditional "hacking" methods
- More commonly, a link is sent via email, text message, or social media. When the link is clicked, the ransomware is downloaded onto the computer or smartphone
After an Attack
The hacker will refuse to provide the information required to decrypt the computer until a ransom is paid, usually in Bitcoin. The payment to the hacker is generally difficult to trace either because the payment is made anonymously or because the payment is sent to a country where the United States does not have jurisdiction.
Who and What are Targets?
Security researchers have seen ransomware attack Windows, iOS, and Android devices, so there is no specific device that is safe. Additionally, ransomware hackers are generally indiscriminate with their targets. Recently, the healthcare industry has been making the news for ransomware attacks. A Los Angeles hospital recently made the news after all of its patient files and other documents were encrypted. The hospital made the decision to pay nearly $17,000 to the hacker in Bitcoin to regain access to their information.
What to Do
It is critical to treat links and attachments to emails, especially from unknown sources, with caution. Since this is the most common attack vector, this is the biggest step to take to avoid the treat. Additionally, save documents to a location that is frequently backed-up. If an organization was to fall victim to ransomware and it does not want to pay the ransom, the backups could be loaded to regain access to its data. Often corporate file servers are backed up frequently. Saving your files there will ensure that they are much more difficult to lose!
For more information, please read the full Inspired eLearning post.