With New Digital Tools, Even Nonexperts Can Wage Cyberattacks

2017.05.15 01

SAN FRANCISCO — Hackers are discovering that it is far more profitable to hold your data hostage than it is to steal it.

A decade-old internet scourge called ransomware went mainstream on Friday when cybercriminals seized control of computers around the world, from the delivery giant FedEx in the United States to Britain’s public health system, universities in China and even Russia’s powerful Interior Ministry.

Ransomware is nothing new. For years, there have been stories of individuals or companies horrified that they have been locked out of their computers and that the only way back in is to pay a ransom to someone, somewhere who has managed to take control.

You don’t even need to have any skills to do this anymore,” said Jason Rebholz, a senior director at the Crypsis Group who has helped dozens of victims of ransomware.

Ransomware has allowed people who are not computer experts to become computer thieves. It used to be that hackers had to be a little creative and skilled to get money out of people. There were fake antivirus scams that promised to clean up your computer — for a fee.

With New Digital Tools, Even Nonexperts Can Wage Cyberattacks

What you need to know about the massive hack that hit the British health-care system and elsewhere

2017.05.13 06

It was first reported in England — hackers gained access to the National Health Service computers, effectively shuttering the entire system. Patients were told to stay home; doctors and nurses were unable to access email or medical records and had to take notes by hand. The hackers demanded a ransom, to be paid in bitcoin.

By Friday afternoon, though, it was clear that this was not a limited attack. Businesses in at least 11 other countries reported similar cyberattacks. Many were paralyzed.

According to Britain’s Independent newspaper, these attacks may stretch around the globe, from Portugal to Turkey, Indonesia, Vietnam, Japan, Germany and Russia. It “is much larger than just the NHS,” Travis Farral, director of security strategy for cybersecurity firm Anomali Labs, told the Independent. “It appears to be a giant campaign that has hit Spain and Russia the hardest.”

If you run a business, back up every computer in your office and have a plan for what to do if your system goes down for a while. Be smart about setting up your network, so that most users don’t have complete access to the system. This makes it harder for a ransomware attack to infect everything. And make sure your users are educated about the common kinds of attacks.

What you need to know about the massive hack that hit the British health-care system and elsewhere

Civil Rights Office Issues Ransomware Guidance

2016.07.25 03

Ransomware infections are on the rise, and healthcare organizations are ripe targets, which may be why the federal government addressed the subject last week.

Ransomware attacks have risen from about 1,000 a day last year to 4,000 a day this year, Symantec has reported.

Many of those attacks are for small change, but some of the larger ones have been directed at healthcare providers. For example, Hollywood Presbyterian Medical Center earlier this year paid hackers US$17,000 to get its systems back online. Also, Medstar Health this spring coughed up $19,000 to return to normal operations.

Civil Rights Office Issues Ransomware Guidance

Mobile Ransomware Has Mushroomed

2016.07.11 01

The number of mobile ransomware victims across the globe has increased fourfold compared to a year ago, suggests a Kaspersky Lab report released last week.

Kaspersky software protected 136,532 users targeted by ransomware from April 2015 to March 2016 — up from 35,413 in the year-ago period, the company said.

“The growth curve may be less than that seen for PC ransomware, but it is still significant enough to confirm a worrying trend,” the report notes.

It identifies several factors contributing to the growth of ransomware in general:

  • First, people are willing to pay the ransoms.
  • Second, the value of the information stored on digital devices is so high now that paying a ransom to recover it is more cost-effective than not paying the ransom.
  • Third, law enforcement is having difficulty responding to the problem.
  • Fourth, new payment tools make it easier for extortionists to collect ransoms.

Mobile Ransomware Has Mushroomed

Gang Surrenders Key to TeslaCrypt Ransomware Kingdom

2016.05.23 01

Eset on Wednesday announced that it has fashioned a free tool that victims of all variants of the TeslaCrypt ransomware can use to unlock affected files.

After the criminal gang behind TeslaCrypt recently abandoned support of the malicious software, an Eset analyst contacted the group anonymously, using the channel TeslaCrypt’s operators offered to ransomware victims, and asked for the universal master decryption key, the company said.

To Eset’s surprise, the operators made it public.

Why So Generous?

Why the TeslaCrypt posse decided to share the master decryption key to software that’s made millions of dollars is unknown.

“While it is possible that they felt bad for the damage done, another possible reason is that they wanted to start fresh with a new codebase,” said Lysa Myers, a security researcher with Eset.

After being in the ransomware racket for a while, the crew may have discovered that maintaining good software of any kind can be challenging. “Sometimes updates to an existing product can make things more error-prone, which makes it harder to make money,” she told TechNewsWorld.

“Ending an old project can allow for a clean slate from which to start again,” Myers added.

While the TeslaCrypt operators’ move is surprising, it’s unlikely they’re getting out of the ransomware business, said Rahul Kashyap, chief security architect with Bromium.

“They may want to change their payment scheme or try out a different business model,” he told TechNewsWorld. “It’s unlikely that they’re deserting the ransomware business.”

Gang Surrenders Key to TeslaCrypt Ransomware Kingdom