The first ransomware program to generate media buzz was called Cryptolocker. The attack, which peaked in October 2013, used a special kind of malware to encrypt all the files on a personal computer. The attackers then demanded a $300 ransom to unlock the data. If victims didn’t pay up within 72 hours, Cryptolocker would encrypt their information permanently, rendering it completely irretrievable.
Since then, numerous ransomware attacks have been launched, becoming increasingly sophisticated and devastating with each new iteration. For instance, the virus Cryptowall infected roughly 625,000 computers in 2014. Another program, called Simplocker, deployed ransomware on smartphones, withholding users’ private photos and videos. Another called Reveton imitated official communications from the FBI and Department of Justice in order to extort victims’ money.
How does ransomware work exactly?
Ransomware is a kind of virus commonly referred to as a Trojan Horse. Like the name suggests, Trojan viruses disguise themselves as legitimate software, gaining access to networks via fraudulent emails and websites or by exploiting weaknesses in older operating systems. Where ransomware distinguishes itself is in what it does next. Using encryption protocols – similar to the ones that protect your passwords, credit card numbers and personal information online – ransomware locks down the files on your computer or device. Recent versions, like the WannaCry virus which attacked Britain’s medical network in 2017, have become so tough that their encryption protocols are virtually unbreakable. This means that victims have no choice but to pay up in order to unlock their information.
Ransomware viruses are especially attractive to hackers because they’re highly profitable and, compared to other kinds of internet scams, easy to pull off. For instance, Cryptolocker extorted $3 million over 9 months, while WannaCry raked in more than $55,000 in just one day. These kinds of attacks also alleviate hackers of some of the headache that comes with more traditional forms of information theft. Instead of having to find a buyer for the stolen data on the dark-web, fraudsters can simply demand payment directly from the victim. Plus, by forcing the people they defraud to pay using crypto-currencies like Bitcoin, and by operating on browsers like the Tor Network (which hides computers’ IP addresses from law enforcement and any other prying eyes), criminals can drastically reduce the risk of ever getting caught.
That’s scary stuff…but how does it impact my business?
Aside from the obvious dangers like viruses hidden in pop-ups or spam, ransomware may pose a new, much more insidious, threat to businesses starting in 2018. Until now, backing data up to a cloud has proven to be an effective defense against these kinds of attacks, yet experts worry that hackers are setting their sights on major cloud computing services for the coming year. In that case, the convenience and data consolidating power that cloud storage offers could also expose your company information to ransomware attacks. This isn’t to say that you should turn around and unsubscribe from your cloud service provider. However, if you are concerned about the security of your corporate network, MindActive has the expertise necessary to ensure that your most important documents remain safe and sound.
