Ransomware Becoming More Targeted
In an attempt to reap more cash from ransomware, hackers are now turning to more targeted, surgical strikes to businesses small and large. Ransomware started out as a general wide sweeping program that would infect a computer and lock its data behind super-strong encryption. In exchange for the key to decrypt and release the data the ransomware creators often asked for exorbitant fees. This left the average computer user without a choice but to just call it a loss and move on with a new computer.
Now, however, more targeted ransomware is beginning to show up. Small but malicious programs are infiltrating the computer systems of companies and holding data hostage for small but generous amounts of below $1000 USD. Based on the estimation of the data’s worth the hackers will calculate a ransom that would be paid quickly by the company in exchange for the release of the data. The ransom is often cheaper than hiring professional white hat hackers to break the encryption and it’s less than the data is worth (sometimes in the range of millions of dollars) so these companies do not bat an eyelash before paying these ransoms.
It’s an interesting turn of events for ransomware, as Krebs on Security notes. The FBI posted a new warning on Sept. 15, 2016 warning that these new variants of ransomware are not targeting individual users anymore, but business servers that can end up multiplying the effect by how many hosts the malicious software can get to through the server.
Seeing ransomware that targets people based on net worth isn’t new, but it’s becoming more and more common. Older ransomware kits had predefined amounts set for the ransom and would be selected based on the target’s geographical location. Aka, someone in New York City would potentially be given a higher ransom than someone in the hills of South Dakota.
What should companies do to prevent this from happening? Well, it’s never 100% easy to prevent ransomware from seizing control of a computer or server. However, keeping a good backup system of crucial data is key: in the event ransomware takes control of a computer, if you have the backup there is no need to pay the ransom. This is why maintaining a good backup system is a crucial element for any business, small or large, as well as for personal computers and computers owned by individuals and families.
If data is captured by ransomware and you do not have a backup, then obviously it’s necessary to determine the worth of the data, and whether or not it is economical to pay the ransom.
The FBI urges all victims of ransomware to report the crime to the FBI so that they can monitor and hopefully catch the criminals that perpetrate the malware.