If there’s one security topic worth keeping on the minds of an unsuspecting public, it’s ransomware, a topic fraught with trouble since it can lock down your life with just one stray click or swipe. But the problems of today could easily get worse thanks to the internet connecting to more devices.
According to a new report by Symantec, Australia is unfortunately the number one attacked country in the Asia Pacific region, with ransomware taking point for being one of the most lucrative ways a cybercriminal can make money.
“Symantec found that Cryptowall — currently the most prevalent crypto ransomware — had earned at least US$34,000 in its first month of operations,” said Mark Shaw, Security Expert at Symantec, the makers of Norton Internet Security and Norton 360.
“A further study by other information security researchers found that Cryptowall had earned more than US$1.1 million in its first 6 months of operations. While in June 2015, data from the FBI’s Internet Crime Complaint Center (IC3) showed that between April 2014 and June 2015, they had received 992 Cryptowall-related complaints, resulting in victims’ losses amounting to more than US$18 million.”
That’s a lot of money, telling you ransomware does work for cybercriminals, and it does it by having innocents open up malware and having these lock down critical files on your computer.
Unfortunately, opening these files can be very easy, as we’ve noted before, with most of the ransomware out there purporting to be from a brand you know and trust. You might see an email from Australia Post or an energy company you use, and there’s even a possibility of it looking like it’s coming from a bank or Australian Taxation Office.
Often, these emails offer up a link detailing that a package or amount of money is waiting for them, and when clicked, you might find a dangerous ZIP file waiting with a payload inside ready to lock down files on your machine.
And when we say “lock down”, we mean it, with these files locked in place by a form of cryptology that means you won’t be able to unlock it until you pay up, which is the point of this technology to begin with: ransom, hence the name “ransomware”.
“This form of cyber crime is proving very lucrative for those behind it given the high click-through and infection rate,” said Shaw.
“Symantec’s very conservative estimate is that 3% of infected users pay the ransom.”
These attacks aren’t likely to stop anytime soon, with Shaw telling GadgetGuy that “ransomware attacks are not a fad”.
“They are here to stay,” he said, “and the groups behind it will continue to create new and creative methods to hold our files to ransom.”
These methods will likely go beyond the realm of the phone, tablet, or computer, and with more devices getting connected to the internet, you only have to browse through a gadget webpage like this one to find out just what the cybercriminals might want to target next.
Watches could be next thanks to the whole smartwatch fad, but they’re nothing in comparison to digitally connected devices we depend on day in and day out.
Think of your home and how you might find electronically controlled door locks. If this were infected with ransomware, you might not be able to get into your home, until you realised you still had an actual key, and right now, all electronic locks support a key as another way of getting in, useful if the power goes out.
But what about your car? With more automobiles being hooked up to the web, there is a potential for cybercriminals to find a way to force you to pay up when all you want to do is drive out.
“Symantec has already seen cars being hacked and taken over remotely,” said Shaw, “[and] people are beginning to use more and more home automation systems with remote controls these could all present great opportunities for cybercriminals to expand the horizon for ransomware.”
Now there are some solutions to this, though some are obviously more tongue-in-cheek than others.
For instance, you could go live in a cave somewhere, looking for the abominable snowman who apparently makes wicked snow cones.
This isn’t a realistic response, mind you, since living a life in a cave away from electronics and communications is akin to burying your head in the sand and hoping it all goes away.
Rather, the obvious solution is education — reading articles like this and staying on top of what security concerns there are — followed by keeping your devices secure with internet security applications, the latter of which can take much of the guesswork from errant and bogus installations from your fingers and make your computer, phone, and anything else you’ll be using that connects to the internet just that much safer.
With security software, your connected devices are essentially under control, and while we’d still suggest learning to be helpful, having a frequently updated app to monitor what goes in and out of your life is very much a necessary part of the equation.
“Security software on the endpoint plays a significant role in reducing the risk of ransomware infection,” said Shaw, telling GadgetGuy that it is imperative to “ensure that you’re using reputable security software that leverages enhanced detection capabilities that can detect both known and unknown malware”.
Backing up is also going to be hugely important, and while it should be practiced today to make sure data is secure in case of a storage failure, having critical files backed up is important if you ever have to deal with ransomware.
With this solution, instead of succumbing to paying a ransom, you just write off the files, quarantine and delete the malware, and replace the files with ones you’ve already backed up.
Regardless of what you do, these techniques are useful for a more secure digital presence, and so making sure you’re backing up those necessary bits and pieces both to an online solution (i.e. Dropbox, Google Drive, Microsoft OneDrive, etc) and offline drive (external storage), while also keeping a security solution up-to-date, paid, and in place, as that will at least help you ward off any of these problems, especially as they grow.
