Ransomware. It’s a bit of a buzzword lately, and for good reason.
Ransomware attacks are becoming more and more common, and they can hit businesses hard.
Like many dangers, the first and best line of defense against Ransomware is gaining a better understanding of what it is, how it works, and how to prevent it from taking hold of your systems.
Cybersecurity experts pinpoint the first ransomware attack as happening in 1989 – a nasty little bug called ‘AIDS Trojan’ (an obvious play on other fears that were running high at the moment.) Already, before we even discuss the story of that virus, we see one of the core elements of a ransomware attack – cybersecurity officials call it ‘social engineering’ and what it means is a tech based attack that plays on very human fears and emotions.
Rather than telling users they had been hacked, the AIDS Trojan depended upon the general lack of computer savvy that was prevalent in 1989. After 90 restarts of the computer (enough time to stop people from realizing they had an infected floppy disk (the only means of transmission for this virus) a message would pop up, notifying the user that their license had expired, and that in fact, if they did not pay the license fee, an organization called ‘PC Cyborg’ would actually legally pursue the debt. Again, you see the social engineering element at play.
In fact, AIDS Trojan didn’t even tamper with the contents of files – it just jumbled up all the filenames, leaving the computer unable to find any of them.
Infected disks were mailed to users via US mail, from a mailing list. If you wanted to pay the fee, you had to send $189 to a PO Box in Panama!
Unfortunately, times have changed, and today’s ransomware is far more sophisticated than the AIDS Trojan or the Yankee Doodle virus.
Encrypting all of your files is the least of what today’s ransomware can do (and not just the filenames!)
The list is a stark reminder of the fact that we are living in the future (though still without Back to The Future 2 style hoverboards!)
- Encrypt your files
- Scramble filenames
- Change file extensions
- Display an image or message (so you know where to send the money!)
- Use complex evasion to slip past antivirus software
- Recruit your computer into a network called a ‘botnet,’ using your valuable processing power to wreak all kinds of havoc in the world
- Spread to other drives on your computer and other computers on your network
- Extract data from your computer (usernames, passwords, credit cards info, etc) and send it to a server for later use
- Geographically target its location, so it can translate its ransom note into the right language and currency
The real culprit though, in ransomware’s rise to the top of today’s cyber criminals, is Bitcoin. Before Bitcoin, ransomware had to request cash in the mail – other forms of payment were too easy to trace back to the criminal in the driver’s seat. However, Bitcoin is untraceable, by cybersecurity firms and law enforcement agencies alike.
Join us, for a free Mary’s Tech Talk event on October 24th at 4:30pm at the Arcade office for coffee, snacks, and to learn more about what Ransomware is, how it works and how you can protect yourself and your company against this prevalent and costly threat.