You get an e-mail from a stranger with an attachment, why not open it? There is a USB-stick on your desk, why not just upload its content? Nothing interesting happens, until you restart your computer. Suddenly, you get a message. You need to pay up before you get your data back.
Simply put, ransomware encrypts your data, making it inaccessible to the user. Effectively, the data is held for ransom until the user pays the price. When he or she does, the system will unlock. Another form of ransomware just exploits your computer so that it keeps spamming stuff onto your screen. This will only stop once you pay the price.
What can you do against it? If the encryption being used is strong or the file that starts the spamming is deeply hidden in the operating system, really not that much. It’s all about prevention: for example, not opening files from unknown sources. But what if you work for a company that gets thousands of e-mails with attachments from unknown sources every day?
Ransomware gets ‘more intelligent’ by the minute. There are already examples out there that wait to strike until after they have encrypted your backup system. This seems like a pretty intense security risk to me.
You probably want to avoid ransomware on your personal computer, but that’s not the greatest risk we’re talking about here. Imagine a hospital getting hit with ransomware. In March 2016, the Hollywood Presbyterian Medical Center in California was actually locked out of its electronic health record (EHR) system for a week. I think you can imagine the chaos that ensued.
The problem with ransomware is that it is made to get the user to pay. So naturally the targets will be the systems we really need, like hospitals. After a victim is hit, the price will be just high enough for it to look acceptable. For a hospital, there may be no other choice than to pay up as fast as possible.
Since ransomware can creep into your system in about a billion ways, it’s really hard to prevent. Will just making more secure software or training people to be safer with their tools be the solution? I guess only time will tell. What do you think?
Sources used:
https://en.wikipedia.org/wiki/Ransomware
http://www.bleepingcomputer.com/news/security/the-cerber-ransomware-not-only-encrypts-your-data-but-also-speaks-to-you/
http://www.computerworld.com/article/3041433/mac-os-x/first-mac-ransomware-had-sights-on-encrypting-backups-too.html
https://tweakers.net/nieuws/116333/meer-dan-helft-nederlanders-heeft-nog-nooit-van-ransomware-gehoord.html
http://www.beckershospitalreview.com/healthcare-information-technology/hospitals-are-hit-with-88-of-all-ransomware-attacks.html
Hi Joeri,
Again I think that this is a good post. It is a really malicious thing that people do, but same as your post about security on the Internet of Things, people are really careless.
As shown in many social experiments (one example: https://www.comptia.org/about-us/newsroom/press-releases/2015/10/26/find-a-flash-drive-pick-it-up-experiment-shows-how-lack-of-cybersecurity-knowledge-can-impact-organizations), people just take an unknown flash drive and plug it in to see what's inside, while that might be really dangerous.
Perhaps even worse than ransomware, the KillerUSB also exists. This USB device can fry all computers when you plug it in. http://arstechnica.com/security/2015/10/usb-killer-flash-drive-can-fry-your-computers-innards-in-seconds/
In essence USB works universally and always accepts it whenever you plug it in (e.g. USB sticks).
This could be very dangerous as shown above and in your blog, so my question to you is: how do you prevent it thoroughly? Should there be a new, but more secure tech or standard implemented that replaces USB?
Dear Joeri, Thank you for your post! I agree with Xidong: people are often just really careless, and they do not realize that their security is being threatened. However, for a hospital to be threatened is even worse than just a single person.
I think the most important takeaway from this blog is to educate people on how to prevent malware from entering your computer. It is good to have a spam filter and a firewall, but if you carelessly open everything that is sent to you, those things have little use. Hence, maybe making a governmental campaign about securing your privacy would be the best option for individuals. For corporations, maybe a backup system would be a good idea, as well as strict rules on what is and what is not allowed on internal servers. Of course, with ransomware getting smarter, we all have to be more careful.
Hi Joeri, you are addressing a very important topic here. There are so many potential targets for ransomware that do rely on quickly regaining access to their data – and would therefore be very likely to pay ransom. In February of this year, for example, the city council of Dettelbach (a small city in Germany) was attacked by ransomware and the city decided to pay. Interestingly, different experts give different recommendations on what to do when you are a victim of ransomware. While the German Federal Agency for Security in Information Technology advocates not paying – as you don’t even know whether extortionists will keep their word and remove the ransomware – the FBI suggests it is better to just pay because there’d not be much you could do against the ransomware anyway.
Concerning your question about whether we need securer software or whether we need to train people how to better use software – I think this clearly comes down to training people. Software is mostly so complex that it is impossible to exclude all security loopholes. And especially currently we still have so many people working with software that are far from being “digital natives” that I believe educating people more about what to look out for in order not to become a victim of ransomware has to be the key.
http://www.zeit.de/digital/datenschutz/2016-03/ransomware-stadtverwaltung-dettelbach-zahlt-bitcoin
http://www.zeit.de/digital/datenschutz/2016-02/it-sicherheit-ransomware-erpressung-krankenhaus-los-angeles-neuss