Ransomware: The ‘Uber-ization’ of the Bad Guy

0
395
Just over half of the attendees at Carbonite's NewCoBOS session received this ransomware note.

Data is everywhere, and the more data we have, the more vulnerable we become, according to Carbonite Senior Vice President of Marketing Norman Guadagno speaking at NewCoBoston. Hackers recognize this vulnerability and are developing ransomware viruses to hold personal and business data hostage that will require payment (or “ransom”) for its safe return. These attacks have become so successful that the hacking industry has created ~$1B in revenue this year.

Carbonite Senior Vice President of Marketing Norman Guadagno speaking on ransomware at NewCoBOS 2017

The scariest part? These attacks don’t entail sophisticated technology. With Uber, you only need a car and a smartphone to enter the ride sharing service. Similarly, a ransomware virus only requires a mailing list of potential targets to get off the ground.

How does it get on your system? The number one way ransomeware gets on your system is through phishing emails asking you to click on a link. Smshing is an SMS text based phishing attack. Don’t click or open attachments that you aren’t expecting. The second is when you visit websites or are in public using an untrusted wifi network. You should not connect to networks in the wild. And, the third is to not leave your laptop unattended and unlocked (ie, don’t leave your laptop open and unlocked on an airplane when you go to the rest room).

The ransomware takes your data hostage by encrypting all the business and personal files on your computer (ie, your personal pictures, tax returns, health data records, financial info, business plans, etc.). When your data is kept from you, you are often panicked and more open to paying to get the data back. Ransomware then sends you a “ransom note” with instructions on how to decrypt and get your data back. It may be to pay money as ransom or to spread the ransomware to other people’s machines.

Ransomware distributors spread “ransomware-as-a-Service” offerings to other bad guys and serve as a one-stop-shop for hacking resources. In addition to this criminal support network, the bad guys have the benefit of only needing to breach your perimeter defenses once.

In summary, data is important, lots of people are trying to get it, and there are simple ways to protect it. The best advice is to back up your data (with Carbonite or someone else) so you are not held hostage to ransomware. Bottom line is that people are after it and the threat is real. Learn more at www.fightransomware.com.