ONLINE SECURITY - CYBER RANSOMING A GROWING PARASITICAL BUSINESS FOR UK HACKERS
'There
are minimal overheads and profits can be limitless'
Cybercriminals are increasingly targeting
UK workers files and data, and the Metropolitan Police have warned that “no one
is safe”.
The FBI, Metropolitan Police, and security
experts all agree that cyber
ransoming has fast become one of UK’s biggest economic crimes.
Unpredictable, unstoppable and potentially
fatal to a business, the rapid emergence of ransomware has become a threat to
people across the nation.
August Graham, the editor of the Sentinel,
arrived at work one morning last summer to find a note pop up on one of the
computer screens. It informed him that all the files on the firm’s server had
been encrypted and were being held ransom.
He was told he had to pay £500 to get them
back, or they'd be destroyed.
Last year, 54 per cent of businesses in the
UK were hit by ransomware attacks, according to a survey by Osterman Research
on behalf of Malwarebytes. In 20 per cent of the cases, it stopped business
operations immediately.
Gadgets
and tech news in pictures
The average ransom demanded is £520, but
some can be enormous. Three per cent of UK companies that have been hit by
ransomware reported a charge of over £50,000 to recover their data.
Gary Miles, the detective chief inspector
of FALCON (Metropolitan Fraud and Linked Crime Online) described cyber ransoming as “the crime of choice”
right now.
“For a criminal, the cyber ransoming
business model is very attractive," he said. "There are minimal
overheads and profits can be limitless.”
If you measure risk against reward, it's no
wonder ransoming has doubled each year since its 2012 emergence. Robbing one
computer at a time violently using a knife or gun doesn’t scale well.
However, one hacker can rob thousands with
the click of a button.
What
is ransomware?
In the first stage of a ransomware attack,
a target will receive an email appearing to contain a legitimate attachment,
such as an invoice or link to a website. Most people will have come across one of
these infected messages.
In the past, they've tended to be written
in broken English and easy to spot, but hackers have skilfully refined their
techniques.
If the victim takes the bait and engages
with the content, the second phase begins. The malicious code in the attachment
will then be released onto the victim’s machine and spread fast.
It will encrypt all files and folders in
local drives, attached drives, backup drives and other computers on the same
server. In no time, all files will become corrupt and inaccessible.
The ransom note will then appear on the
computer screen. Demands can range from a couple of hundred to several million,
depending on how much the hacker thinks the organization will pay.
What
to do if you're targeted
Ransomware attacks are not just
proliferating, but becoming increasingly targeted too. Blocking one is
extremely difficult. Defenders are like the batters in a cricket game, who need
to deflect every ball thrown at the wicket. Hackers just need to knock the
bails once to win.
A survey by Trend Micro found that 65 per
cent of UK businesses hit by ransomware last year paid the ransom, despite all
security agencies and police forces advising against complying with attackers’
demands.
Explaining why victims should not pay up,
Pascal Geenens, Radware's security evangelist for the EMEA region said,
“Firstly, there is no guarantee that you will recover your data and secondly,
even if you do recover your data, hackers may come back at a later date
demanding an even larger ransom.”
Geenen says companies must place an
emphasis on prevention by educating employees and putting protective
technologies like firewalls, antivirus software and intrusion detection systems
into place.
On top of that, companies are encouraged to
establish a disaster recovery plan. So if a breach happens, there is a plan to minimize
the damage. A company must concentrate on strengthening those things in order
to make themselves less susceptible to ransomware. Once it happens, it’s too
late.
Cybersecurity firms also
encourage companies to back up their systems frequently.
“It should be done at least every hour,”
said Mr Geenens. “That way, if an attack happens a company need only reboot
their systems to the last point of backup.”
Comments
Post a Comment