No one can dispute that the Presidential elections in the United States this year has been anything but a normal election. It has truly been like no other. What’s more, perhaps no other event has brought the subject of hacking and cybercrime to the forefront than the election. As political pundits banter back and forth about unsecure email servers and hacked email data on WikiLeaks, it is easy for the public and businesses to grow tired of the subject of cyber security. The fact is though, while the seemingly endless election process has been playing out for the past 18 months or so, cybercrime continues to grow at an alarming rate, the consequences of which go far beyond political gotcha’s and debate.
Consider some of the following headlines and statistics reported from network and journals during this time:
Following a data breach, the data if often sold on the dark web.
Just five weeks ago, the Keck Medical Center of USC reported ransomware attacks at servers located at two of their hospitals. Fortunately, they were able to restore the servers from good backups. Three months earlier, six separate sites of the New Jersey Spine Center were attacked by Cryptowall ransomware in which it not only encrypted electronic health records, but the backup files and phone system as well. Ransomware has been like a match on kerosene, creating a combustion within the cybercrime community that seems to have no limit. It is a threat that is global and knows no borders.
New approaches to ransomware have evolved recently besides the traditional approach of encrypting files. In the past year, a new approach featuring DDOS attacks have surfaced in which attackers demand bitcoin payment in exchange for the restoration of an organization’s website. The attraction of this model is the possibility of perpetual payments, the idea being that attackers can charge a DDOS subscription on a quarterly or yearly basis. Should the targeted victim stop cybercriminal simply renews the attacks.
At the Carolina IT Conference in October of 2016, a leading IT authority attributed the rise of ransomware to the ease at which ransomware can generate money. With the rise of Ransomware as a Service, cyber wannabees can have an instant business model with little investment. RaaS is highly organized and structured much like a traditional multi-level marketing company. Distribution channels are organized by a boss or kingpin. The structure is then organized in a tiered hierarchy of 10-15 affiliates per boss. Current estimates are that bosses can earn about $90K on an average annual basis while affiliates take in an average of $7,200 annually. Basically, an affiliate downloads a malware package from the Dark Web for a small cost of between $40 to $400. As an example, Cerber, one of the most active ransomware rings operating today, afflicted 150,000 Windows users in July of 2016 alone. According to Check Point, revenue estimates are somewhere around $280K. Revenue sharing plans between authors, bosses and affiliates.
Another factor in which ransomware is emulating the practices of a real business is that ransomware producers are now putting greater amounts of effort and investment into R&D to not only improve the delivery and effectiveness of Ransomware, but to deliver more product offerings as well. A new Ransomware strain called Philadelphia features a mercy button in which victims can decrypt their files for free should the attacker have feeling of remorse or guilt.
Surprisingly though, a large constituency continue to look at ransomware as a crime that can only happen to their neighbors. According to a story in Computer Weekly (Feb 2016), 31% of respondents in a poll done amongst UK businesses showed that the greatest concern about cyberattacks is merely the potential disruption to services. In fact, almost 60% are not concerned with the potential for theft of intellectual property. It is clear that the attitude towards cyber threats needs to catch up with the times. Protect yourself from ransomware.
Sign-up for email updates...