The real risk of ransomware

“We do not negotiate with terrorists” is a patriotic statement used by many countries. Does this notion still hold when you risk losing your data? The short answer is no.  In October 2015, Joseph Bonavolonta, the Assistant Special Agent in Charge of the FBI’s Cyber and Counterintelligence Program is on record stating that “…we often advise people just to pay the ransom;  the ransomware is that good”.

He was referring to ransomware programs like Cryptolocker, Cryptowall, Reveton and other malicious programs that encrypt the contents of a victim’s hard drive, as well as other directories accessible from the infected system.

Ransomware is a form of malware. It works by either holding your entire computer hostage or by blocking access to all of your files by encrypting them. Once infected, a person generally receives a message stating that he or she must pay a certain amount of money, usually $500 or more, within a specific timeframe (usually 24 hours) to get the key that will decrypt their data. If they don’t meet this deadline, their data is deleted. Surprisingly, upon paying the ransom, sometimes the decryption key is actually sent to you and access to your computer is fully restored. Nevertheless this just increases the chances that a victim will pay the ransom.

The lag between the skills and resources of cyber criminals and the skills and resources of law enforcement personal is evidentially getting dangerous. Businesses are increasingly seeing themselves in a position where they have to help themselves. Keeping up to date with security updates and patches has never been more important.

To be fair to law enforcement agents, once hackers have your computer hostage, there isn’t much they can do other than give them what they want. However, there are ways of getting around this. BACK UP YOUR DATA. Copy data to an offline hard drive, use a cloud – do anything to ensure that your costs are minimised. If you have to pay $1000 for a decryption key, you might as well buy a new computer and update it with the backup data. Not only do you get a nice upgrade, you play your part in reducing the revenue streams of online criminals.

In most cases, paying the ransom does not guarantee that you will retain access to your computer. However, regularly backing up your files will ensure you have something to fall back on.

In these difficult times, we have seen governments threaten citizens with imprisonment when they have tried to raise money when their loved ones have been held hostage by terrorists abroad. Yet the same law enforcement agents encourage civilians to pay ransoms towards what can be argued to be more sophisticated criminal organisations in the digital world. The cybercrime economy is booming, and the white hats have yet to show that they have it under control. 2016 is set to see the highest rate of ransomware cases. Is it really a good idea to encourage more funding?

Posted 1 year ago on · Permalink