Ran­somware con­cerns

Ran­somware con­tin­ues to be an epi­demic for busi­nesses, se­cu­rity experts warn Michael Kan

Tech Advisor - - Contents -

Ex­pect ran­somware to grow more ag­gres­sive in the com­ing years, in­clud­ing higher ran­som pay­ments and at­tempts to go be­yond at­tack­ing data by shut­ting down en­tire com­puter sys­tems to util­i­ties or fac­to­ries.

“I see no rea­son for ran­somware to stop,” ar­gued Neil Jenk­ins, the di­rec­tor of the US De­part­ment of Home­land Se­cu­rity en­ter­prise per­for­mance man­age­ment of­fice. “It’s shown to be ef­fec­tive.”

At the re­cent RSA cy­ber­se­cu­rity con­fer­ence, experts gave a grim out­look on the fu­ture of ran­somware, which they fear will spread. Through the at­tacks, cy­ber­crim­i­nals have man­aged to rake in $1 bil­lion in 2016, ac­cord­ing to one es­ti­mate. The com­puter in­fec­tions work by first tar­get­ing the vic­tim’s data, and en­crypt­ing it. The ran­somware will then threaten to delete the data, un­less a pay­ment, usu­ally in bit­coin, is made.

How­ever, a key con­cern is that ran­somware will start tar­get­ing crit­i­cal in­fra­struc­ture, added Jenk­ins. He pointed to the re­cent ex­am­ple of an Aus­trian ho­tel hit with ran­somware that took out its key card sys­tem for the ho­tel doors. Fu­ture ran­somware at­tacks might try to lock­down con­trol sys­tems for a wa­ter util­ity, threat­en­ing its op­er­a­tions.

Too many im­por­tant com­puter sys­tems are also con­nected to the in­ter­net when they shouldn’t be, ar­gued Gal Sh­pantzer, CEO of Se­cu­rity Out­liers. Small busi­nesses are also fail­ing to prop­erly seg­re­gate their com­put­ers from other pro­cesses, like a fac­tory as­sem­bly line, he said. When a ran­somware in­fec­tion hits, it has the po­ten­tial to shut down the en­tire op­er­a­tion.

“That’s where ran­somware is go­ing to go,” Sh­pantzer added. “I think it’s in­evitable. Peo­ple are go­ing to be in­jured or lose their life. This is start­ing to affect things that shouldn’t be on the in­ter­net, or are phys­i­cally mov­ing.”

The hack­ers be­hind ran­somware in­fec­tions are also de­mand­ing higher and higher pay­ments, some times over $40,000, said Jeremiah Gross­man, chief of se­cu­rity strat­egy at Sen­tinelOne. There have even been a few ran­somware cases where vic­tims had no choice but to pay over seven fig­ures to re­cover their sys­tem, Gross­man added, de­clin­ing to pro­vide de­tails. “Bot­tom line, it’s get­ting worse out there, and it will con­tinue to do so.”

Ran­somware in­fec­tions are al­ready ha­rass­ing small and medium busi­nesses, ac­cord­ing to Robert Gib­bons, CTO at se­cu­rity provider Datto. His com­pany con­ducted a sur­vey that found 60 per­cent of its part­ners have ex­pe­ri­enced one to five ran­somware at­tacks in the last year.

The re­main­der had ex­pe­ri­enced over five at­tacks. “Ran­somware is still an epi­demic,” ac­cord­ing to Gib­bons.

Experts rec­om­mend that busi­nesses and users fre­quently back up their data and also test to those back­ups to make sure they work. Se­cu­rity ven­dors have also pub­lished tools that can free com­put­ers from some ran­somware in­fec­tions.

When an at­tack hits, vic­tims may be tempted to pay the hack­ers the ran­som. But Gib­bons warned that one out of four times, the hack­ers still de­clined to de­crypt the vic­tim’s data, de­spite re­ceiv­ing pay­ment.

Newspapers in English

Newspapers from UK

© PressReader. All rights reserved.