Ransomware is not a new threat; it has been around for at least 15 years, but it has become a trending one. Last year, the FBI reported more than 2,500 incidents. The figures are likely much higher, as most companies and organizations do not want to publicly disclose that they have been breached, and especially extorted. Ransomware is a growing global problem.
The objective of a cybercriminal using ransomware is to hold computers, and in some cases networks, hostage in return for some sort of electronic payment. No one is immune to these incursions, including corporations, universities, hospitals, and even critical infrastructure. Many criminal gangs are now using ransomware as a weapon of choice, as the risk of being prosecuted is low and the monetary rewards can be high. The threat in itself is alarming.
Ransomware can be planted via malware and spear-phishing attacks, and the source code is readily available to hackers and often free. The victim’s files can be encrypted by the hacker and released when fees are paid.
The Institute for Critical Infrastructure Technology (ICIT) recently released an informative report on the topic of ransomware. They state that: “2016 is the year ransomware will wreak havoc on America’s critical infrastructure community. New attacks will become common while unattended vulnerabilities that were silently exploited in 2015 will enable invisible adversaries to capitalize upon positions that they have previously laid claim. “To Pay or Not to Pay”, will be the question fueling heated debate in boardrooms across the Nation and abroad.”
Experts estimate that there are now 124 separate families of ransomware, and hackers have become very adept at hiding malicious code. Success for hackers does not always depend on using the newest and most sophisticated malware. Launching a ransomware attack is relatively easy for a hacker. In most cases, they rely on the most opportune vulnerable target, especially given the ease of online attacks. Because of the widespread availability of valuable data combined with the many varying users on their networks, universities and hospitals make good targets for ransomware.
Recently, Hollywood Presbyterian Medical Center was victimized by ransomware and ended up paying the hackers in cryptocurrencies to recover control of its systems. The University of Calgary also acknowledged it paid hackers after its networks were infected with ransomware. These are just two examples in a growing list of targets.
There are remedies and protocols to detect violations, and new anti-ransomware security tools are being developed. Combatting ransomware necessitates technical fortification, but it also requires policy frameworks that include strong vigilance and information sharing. The latter has been a challenge for cybersecurity efforts in both the public and private sectors. Industry is reluctant to share data that it considers intellectual property with government or other companies.
A new mindset is required, as information sharing is an important element in defeating malware threats and patching software vulnerabilities. Some basic precautions can also help mitigate threats; these include training employees to recognize malware and phishing threats, disabling macro scripts, and keeping systems updated. In the long run, emerging cybersecurity technology and protocols may not be enough to thwart the exploding trend of ransomware. They can serve as mitigation tools while we hope for global cooperative criminal enforcement to catch up to the threats.
Charles (Chuck) Brooks serves as the Vice President for Government Relations & Marketing for Sutherland Global Services. Chuck also serves as an Advisor to the Bill and Melinda Gates Technology Partner network, as Chairman of CompTIA’s New and Emerging Technology Committee, as a Fellow at The National Cybersecurity Institute, and on the boards of several prominent public and private companies and organizations.