The scourge of ransomware – malware that hijacks your PC and encrypts all of its files – has become so ingrained in the very fabric of computing that some of the criminals behind it have actually begun offering live chat support for victims.
The new service was discovered this past summer by Trend Micro, an IT security firm, which posed as a victim of ransomware, and was cheerfully offered live chat support in exchange for its ransom payment.
“Right now, ransomware is an epidemic,” said Ryan Naraine, a head of the global research and analysis at Kaspersky Lab. “Although it has been around for more than a decade, we have seen a recent explosion of new ransomware families that is cause for serious concern.”
Kevin Haley, director, Symantec Security Response, said, “Advanced criminal attack groups now echo the skill sets of nation-state attackers. They have extensive resources and a highly-skilled technical staff that operate with such efficiency that they maintain normal business hours. We are even seeing low-level criminal attackers create call center operations to increase the impact of their scams.”
The growing professionalization of ransomware is a concern for every utility, whose employees’ PCs, laptops and smartphones can be infected with the malware via an email attachment, malicious link or compromised website.
As victims learn all too well, once ransomware takes hold of a machine and encrypts all your files, you generally have only two choices if you’re unprepared: pay the ransom and hope that the criminal behind the hostage takeover of your machine feels like restoring your files once money changes hands.
Or, refuse to pay the ransom and kiss your files goodbye.
For any utility with computers linked to the Internet, the message is crystal clear: Get your technology protected with security software. And ensure every employee at your organization follows these best practices:
- Use strong passwords: IT security firms say you should ensure your passwords are very strong (12 characters minimum), and that you should change your passwords every three months.
- Think before you click: Opening the wrong attachment can easily introduce malware to your computer system, according to a recent study by Dell. Never view, open, or copy email attachments unless you are expecting the email from a trusted sender.
- Install security software: Use an internet security solution that includes antivirus, firewalls, browser protection and proven protection from online threats.
- Be wary of scareware tactics: Some social engineering and faux ransomware attackers attempt to trick you into thinking your computer is infected to get you to buy useless repair software or pay money directly to have an uninfected computer restored.
- Keep all your software patched and up-to-date: This really can make a difference, given that ransomware proliferators are now seeding legitimate websites with ransomware that can download via simple interaction on the website and then infect a computer running a software application with outdated security protection.
- Be on the look-out for network-wide attacks: Stuart Sjouwerman, CEO, KnowBe4, an IT security training firm, says newer forms of ransomware are capable of encrypting an organization’s entire computer network in one fell swoop.
- Consider Cyber Insurance: “More than 60 carriers offer stand-alone cyber insurance policies,” says Dr. Robert Hartwig, special consultant, Insurance Information Institute.
- Go in-depth: KnowBe4 offers a free, 20-page Ransomware Hostage Rescue Manual with actionable information to prevent infections and what to do when hit with ransomware.
One silver lining: Researchers at the University of Florida have developed a new prototype anti-ransomware software that has defeated hundreds of different strains of ransomware that have gone up against it.
The trick: the prototype software, CryptoDrop, allows ransomware to activate on a machine, but then quickly shuts down the ransomware once it detects it encrypting files.
“You lose only a couple of pictures or a couple of documents rather than everything that’s on your hard drive,” said Nolen Scaife, a doctoral student in computing at the University of Florida who helped develop the code. “It relieves you of the burden of having to pay the ransom.”
Patrick Traynor, an associate professor in computing at the University of Florida, who led the team that developed CryptoDrop, remarked, “Something needed to be done.”
Added Engin Kirda, a professor in computing at Northeastern University, “If Patrick’s team can make this solution freely available to Internet users, they could have a large impact.”
Currently, the Florida researchers are looking for a partner to bring CryptoDrop to market as a commercial product.
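The detect-then-stop idea described above can be sketched in a few lines. This is an added example, not CryptoDrop's code: the article does not say how CryptoDrop recognizes encryption, so the sketch assumes one common indicator (file contents jumping to near-random Shannon entropy while the file-type header disappears), and the names `WriteMonitor`, `looks_encrypted` and `simulate`, the thresholds and the sample data are all hypothetical.

```python
import math
import os
from collections import Counter, defaultdict

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: 0.0 for constant data, close to 8.0 for random data."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def looks_encrypted(before: bytes, after: bytes, high=7.5, min_jump=1.0) -> bool:
    """Flag a rewrite that turned structured content into near-random bytes."""
    e_before, e_after = shannon_entropy(before), shannon_entropy(after)
    header_changed = before[:4] != after[:4]   # file-type magic bytes destroyed
    return header_changed and e_after >= high and e_after - e_before >= min_jump

class WriteMonitor:
    """Counts suspicious rewrites per process and blocks it at a threshold."""
    def __init__(self, threshold=3):
        self.threshold = threshold
        self.score = defaultdict(int)
        self.blocked = set()

    def on_write(self, pid: int, before: bytes, after: bytes) -> bool:
        """Return True if the write goes through, False if pid is blocked."""
        if pid in self.blocked:
            return False
        if looks_encrypted(before, after):
            self.score[pid] += 1
            if self.score[pid] >= self.threshold:
                self.blocked.add(pid)          # stand-in for suspending the process
        return True

def simulate(n_files=20, threshold=3):
    """Constructed scenario: one process rewrites n_files documents with
    random bytes (stand-in for ciphertext); another appends to a file."""
    doc = b"%PDF-1.4 constructed sample: meter readings, district 7\n" * 200
    mon = WriteMonitor(threshold)
    lost = sum(mon.on_write(4242, doc, os.urandom(len(doc))) for _ in range(n_files))
    benign_ok = mon.on_write(100, doc, doc + b"one appended line\n")
    return lost, benign_ok, 4242 in mon.blocked

if __name__ == "__main__":
    print(simulate())   # files lost before the block, benign write allowed, pid blocked
```

With a threshold of three, only three of the twenty files are overwritten before the process is cut off. Entropy alone cannot judge files that are already compressed, such as photos or archives, so a practical detector combines it with other signals.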
BM has come out with a thorough Ransomware Response Guide, released June 2016.
— By Joe Dysart, an Internet speaker and business consultant based in Manhattan. (646) 233-4089 • www.joedysart.com.