Ransomware – The New Cyber Protection Racket

By David Schlesinger  /  April 19, 2017

Now that a number of newsworthy institutions, such as hospitals, schools, and government offices, have fallen victim to what is called “Ransomware”, the media have finally noticed it. Ransomware, for those not yet familiar, is a pernicious type of cyber-attack where downloaded malware (“malware” is malicious software; now keep up) encrypts all of your data and then demands a ransom from you in order to tell you the password so you may decrypt it.

With all your data turned into jumbled numbers, you no longer can see your pictures, read your documents, display PowerPoint, open spreadsheets, or do much else with your computer.

Wait, it gets worse.

If you have your backups residing on the same local network as your computer, the evil software encrypts them as well.  The author of the Ransomware demands payment by a certain date or the files will stay encrypted forever. The payment is to a numbered account using Bitcoin (Bitcoin is a cyber currency that cannot be tracked.)

You Have Only Four Choices Should This Happen

  • One: Pay the ransom and hope the decryption key works; it often does. The FBI advises not to do this, but they did not lose all the photos of their grandchildren.
  • Two: Erase all your encrypted data, have your computer disinfected, and then restore all the lost data from recent backups that were not connected to the network at the time that you were infected. This is dependent on having recent backups not connected to your network.
  • Three: Abandon all your data and lost photos and start fresh in life without looking back. (This is a terrible choice, but all too often the one that prevails.)
  • Four: Get professional cyber support from a legitimate organization that may, sometimes, be able to rescue you if the author of the software made errors in the encryption process (about 40% of the time).

Encryption is a complex process, much like data administration, and cryptographic novices all make errors that may allow a determined investigator to either decode the data or discover the decode key hiding in the malware itself.

The difficulty of doing encryption correctly is one reason why so many Wi-Fi encryption schemes such as WEP, WPS, WAS, and WAP have been shown to be easily vulnerable to attack. Only WPA2 is still secure as a Wi-Fi encryption scheme. It was created with the help of cryptographic experts. Imagine that!

(You have turned off WPS in your home router – right?)

Ransomware is easily added to a virus and often arrives in emails looking like PDF files, documents, or photos, or as links to funny cat videos. Once you download the file (which is really a program in disguise) or click on the link, your network is infected. Also, some websites have links that result in malware downloads. Unfortunately, some of these websites are perfectly legitimate websites where the webmaster used the default passwords or never updated the software to close security holes.

A good rule is to never open an email that comes unexpectedly from some person or agency that you never heard of before. If you receive a strange email from somebody who usually never emails you, consider that it is possible their email account was hacked and the email is infected. Email is not casual when somebody might be mailing a cyber-bomb to you or your company. Never download strange files or click on a link in any email that anybody unexpectedly sends you, no matter how urgent the email claims the matter is. It is not the FBI, nor the IRS, nor PayPal, nor even the Nigerian Prince with all the millions left in the bank.

The best resolution of Ransomware, should you get it, is option number two. Restore your data from a clean backup after disinfecting your computer. For this optimal response to be possible, you need to perform regular backups of all your data, saved to a location away from your network. This could be as simple as a weekly data backup copied to a freestanding hard drive that is stored in the back closet.

Or you could engage an online backup system that might allow you to separate past clean backups from recent ones that might have been infected with the Ransomware.
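Separating past clean backups from infected ones can be partly automated. The sketch below is an added example, not part of the original article: it walks backup snapshots from oldest to newest and reports the last one in which no file looks encrypted. The function names, the 7.5 bits-per-byte threshold, and the sample snapshots are assumptions made up for the illustration.

```python
import hashlib
import math
import os
from collections import Counter

# File signatures ("magic bytes") that healthy files of these types begin with.
MAGIC = {".pdf": b"%PDF", ".jpg": b"\xff\xd8\xff",
         ".png": b"\x89PNG", ".docx": b"PK\x03\x04"}
ENTROPY_LIMIT = 7.5  # bits per byte; assumed cut-off for types with no signature


def shannon_entropy(data: bytes) -> float:
    """Entropy in bits per byte: close to 8 for ciphertext, far lower for text."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def looks_encrypted(name: str, data: bytes) -> bool:
    """Heuristic: wrong header for a known type, else near-random content."""
    ext = os.path.splitext(name)[1].lower()
    if ext in MAGIC:
        return not data.startswith(MAGIC[ext])
    # Caveat: legitimately compressed files of unknown type also score high.
    return shannon_entropy(data) > ENTROPY_LIMIT


def last_clean_snapshot(snapshots):
    """Label of the newest snapshot taken before any file looked encrypted.

    `snapshots` is ordered oldest to newest: [(label, {filename: bytes}), ...].
    Returns None when even the oldest snapshot is suspicious.
    """
    clean = None
    for label, files in snapshots:
        if any(looks_encrypted(n, d) for n, d in files.items()):
            break  # treat this and every later snapshot as post-infection
        clean = label
    return clean


# Constructed sample data: deterministic pseudo-random bytes stand in for ciphertext.
NOISE = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128))
GOOD = {"photo.jpg": b"\xff\xd8\xff\xe0" + NOISE,
        "taxes.pdf": b"%PDF-1.4\n" + NOISE,
        "notes.txt": b"Call the plumber on Tuesday.\n" * 50}
BAD = {name: NOISE for name in GOOD}  # same names, contents overwritten
SNAPSHOTS = [("2017-04-02", GOOD), ("2017-04-09", GOOD), ("2017-04-16", BAD)]

if __name__ == "__main__":
    print("Restore from:", last_clean_snapshot(SNAPSHOTS))
```

Header checks are used for photos and PDFs because those formats are already compressed and look nearly random even when healthy, so entropy alone would flag them falsely.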

Cyber weather is stormy these days and you must make efforts to save the photos of your grandchildren. Back up your data often and store the backups away from your home network. Then remember to never click on a link sent in an unexpected email, even if it claims to be an urgent request from PayPal, Gmail, or your bank. Use your browser to type in the real address to go to any site to check. Their “link” may send you to a web site that looks amazingly similar to the real one, and ask you to enter in all sorts of personal data and passwords. Not only will your computer be infected, but also your data and bank account may be gone.

Good luck.

About the author

David Schlesinger, CISSP, brings 27 years of experience in information technology and data security management to data security. He is certified in cybersecurity and is a past president of the Phoenix ISSA, a security professional association.  David has authored two US Patents for data governance methods that use Metadata classifications to audit and automate user rights and regulatory compliance. His book on finding hidden security and governance gaps in an enterprise, The Hidden Corporation, is published by Technics Publications.
