It’s Time To Back Up Your Files: Ransomware Threat
By CHHS Extern Andrew Weissenberg
Imagine booting up your computer and opening your email to find a message from the police. It alleges you were spotted surfing illegal websites, and that the police would not stop pursuing you unless you paid a fine. The price for not paying is to have all the files on your computer encrypted, leaving you unable to access them. This is not a new movie plot. It is an international phenomenon called Ransomware.
Ransomware is a type of malware, which infects a user’s computer or smartphone, encrypts the hard drive, and then demands money to unencrypt the drive. The first instances of extortion occurred roughly one year ago, and have become increasingly sophisticated. CryptoWall 2.0, the latest strain of Ransomware, is immune from anti-virus software. The virus infects a user’s computer when they click on a link or attachment, or through existing malware on the individual’s hard drive. The hackers often send the emails under the guise of large, well-known companies. For instance, the email could say “someone has paid you on PayPal”, and provide a link to collect the money. Once this link is clicked, CryptoWall2.0 is unleashed, encrypting all of a user’s files, leaving the user unable to access even a single document.
This type of malware infects individuals and businesses alike. Recently, a small-town radio station had to shut down for a day after their entire music library, jingles, commercials, and audio files, were inaccessible due to a cyber attack. Even the government is not immune to these attacks. The Sheriff’s Office of Dickson County Tennessee recently paid a CryptoWall ransom to unlock 72,000 autopsy reports, witness statements, photographs, and other various documents. This virus has far more devastating consequences than the encryption of files. One form of Ransomware downloads child pornography on an individual’s computer, and threatens to report the pornography to the FBI if the user does not pay.
To thwart continued attacks, the FBI advises individuals not to pay the ransom. However, once a user’s files are encrypted by Ransomware, there is no way to retrieve them without paying. Unable to continue their daily routines, jobs, or operations, many individuals and organizations, including the Sheriff’s office in Tennessee, end up paying, perpetuating the cycle. Because of the critical nature of computer files, Ransomware has the potential to turn into a big business. For example, CryptoLocker, another type of Ransomware mainly affecting computers running Microsoft Windows, earned almost $30 million dollars in roughly 100 days. CryptoWall, a variant of Cryptolocker, has already infected more than 1 million computers, and as of September 1, 2014 earned over $3 million dollars.
The best defense against this form of Ransomware is to utilize a backup that is not connected to the machine in any way. Experts assert that storing information or files on a cloud or on a USB connected to the computer will not be effective against this new and sophisticated cyber threat. This is because directly connected backup systems will automatically sync the Ransomware to the backed up data. Other recommendations are to participate in security-awareness training programs, carefully examine all emails with links or attachments, and have multiple off-site backups. Additionally, individuals and businesses can purchase the CryptoLocker Prevention Kit, which includes articles, materials, and instructions to help prevent, and deal with an infection. Since the new strain is resistant to anti-virus software, all computer users must stay vigilant to protect against an infection.