You have heard before that ransomware has become a near-epidemic menace. Listen up: things have gotten a lot worse.
Palo Alto Networks has now found a successful ransomware attack on Mac OS X. Read that again. Apple, the company thought by many users to be impervious to the many diseases that afflict Windows users, has fallen too.
Said Palo Alto Networks: “On March 4, we detected that the Transmission BitTorrent client installer for OS X was infected with ransomware.”
How many victims? A trivial number (unless you are among them) – 6500, said the Wall Street Journal.
But know this: numbers are likely to get a lot bigger, across multiple operating systems. The Institute for Critical Infrastructure Technology (ICIT) has now boldly declared that 2016 will be the year “ransomware holds America hostage.”
You could substitute Australia or Canada or New Zealand or the United Kingdom for America.
What would you do if a notice popped up on your screen: “Your computer is locked because you violated laws by accessing child pornography sites. To unlock your computer, you need to pay a fine. One Bitcoin – about $410 US – will do it.”
If you pay, will the lock be removed? Often, yes. Honest crooks make more money in the long run than dishonest ones do.
Of course this is illogical. People go to jail in child pornography cases. There is no buying one’s way out of that kind of mess for a Bitcoin.
But we – often – are creatures of illogic. So we pay the “fine.” And the criminals look for new victims.
This is no longer a minor annoyance. Said ICIT in a recent report: “2016 is the year ransomware will wreak havoc on America’s critical infrastructure community.”
ICIT ominously added: “One reason that ransomware is so effective is that the cybersecurity field is not entirely prepared for its resurgence.”
That means your self-defense is on you.
Evidence mounts that fully developed ransomware tools are readily available for purchase in underground marketplaces. That means unsophisticated criminals can buy gear that makes them sophisticated in an instant. Deployment costs pennies. Collect a Bitcoin here, another there and suddenly this looks like lucrative work.
Criminals deploying ransomware are not picky when it comes to victims. They are known to go after individuals but also small and medium-sized businesses.
A key question: should you pay the ransom? ICIT offers this poignant quote: “In October 2015, Joseph Bonavolonta, the Boston-based head of the FBI’s CYBER and Counterintelligence Program, said, ‘To be honest, we often advise people just to pay the ransom.’”
Today the primary form of ransomware, said ICIT, is crypto in nature, that is, it encrypts data so a user cannot access it. Think about how fiendishly clever – and simple – this attack is. Said ICIT: “Crypto ransomware is as simple as weaponizing strong encryption against victims to deny them access to those files.”
How do criminals spread their ransomware? The traditional ways – mainly via social engineering, phishing emails, and contaminated (seemingly legitimate) websites, that is, so-called watering holes.
A popular variant at the moment is called Locky – that’s what took down Hollywood Presbyterian Hospital, goading the hospital into paying $17,000 so that it could again access its files.
Locky arrives as what appears to be an invoice created in Microsoft Word. Click on it and the text looks garbled. You are instructed to enable macros to make it readable. Do that and you just lost control of your computer.
What is the antidote to ransomware? First – and obviously – if in doubt do not click. That is easier to say than it is to heed.
Step two – the foolproof advice – is to have everything important backed up externally. That might mean on Google Drive or iDrive or in OneDrive. If your critical data is accessible by you elsewhere, what does it matter if this computer is locked?
Don’t do that and your vulnerability is high. ICIT noted: “Symantec claims ‘twenty-five percent of home users did not do any backups at all. Fifty-five percent backed up some files. In terms of backup frequency, only 25 percent of users backed up files once a week. The rest only made backups once a month or even less frequently than that.’”
Said ICIT: “If the system is backed up, and the backup remains reliable, then the victim can ignore the ransom demand and restore the system.”
Be prepared for the worst and you will come out fine.
Take no precautions, however, and 2016 just may shape up as an ugly – and expensive – year for you.
Back up externally. It’s that easy to outwit ransomware.