Ransomware’s evolving
It’s bad and it’s getting worse. But running outdated versions of Windows doesn’t help anyone.
A few years back, guilt-ware attacks were common. Unsuspecting users would log into their machines and be greeted with a banner stating they were under investigation for nebulous crimes: anything from piracy to pornography or promulgation of terror materials. But don’t worry, says the warning – all of this will go away if you just wire some cryptocoins to this address.
The message goes on to explain how to acquire said coins, and warns that if you don’t pay, you’ll be arrested. That these kinds of attacks were ever successful (and sometimes still are) speaks volumes about people’s gullibility. It also shows some people have some quite funky ideas about how justice works. Yet we shouldn’t be so dismissive – there’s some psychology behind this.
There’s a widely held theory that everyone has some latent guilt about something they’ve done in the past and not ‘fessed up to. And tapping into this with a scary message can make the subject feel rumbled. Detectives take advantage of this (and all kinds of other techniques) when questioning suspects.
Still, it’s the kind of message that lots of people (especially anyone used to browsing the internet without a pop-up blocker) will just close and ignore. So later evolutions of this attack would go a stage further, either locking the victim out of the machine entirely (forcing the user to choose between a complete reinstall or a quick ransom payment) or encrypting any user documents it finds. This is what ransomware typically refers to today. Thanks to networking (and a rich underground scene in the trade of network exploits) damage may quickly spread to other machines too, and before you know it a stray click on a single machine might bring about a network-wide incident.
Naturally, businesses are a much more lucrative target, with (according to Coveware) the average payout in 2020 being $233,817. Attacks on home users might ask for anywhere between the equivalent of $200 and $2,000, which is why they don’t tend to grab the headlines anymore. Home users may also feel uncomfortable about reporting a ransomware attack, but they shouldn’t. Even if the authorities can’t help, reporting the incident (to the likes of CISA in the US or the NCA in the UK) will at least help them measure the scale of the threat. For businesses, the projected cost of recovery might well exceed the ransom, at which point it makes business sense to cough up. Insurers are starting to recognise this now and some (controversially) even include ransomware payments in their policies.