- More porn sneaks onto the iPhone
- 'Swatting' case shows need to ban caller-ID spoofing
- Why the iPhone can't be "killed"
- Nortel enterprise chief wants to bring back Bay
- US sets final emergency responder wireless pilot
As if phishing, pharming and phraud weren't frustrating enough, the latest cybersecurity threat - ransomware - is an extortion scheme.
Ransomware involves the use of malicious code to hijack user files, encrypt them and then demand payment in exchange for the decryption key. The good news is that documented attacks have been rare. The bad news is that cases are on the rise, says FBI spokesman Paul Bresson.
One of the earliest recorded cases of ransomware was documented by Web-filtering software vendor Websense in May. A call from a panicked user revealed the swiftness and thoroughness of the attack. "All of a sudden, the files on his computer were in a format that was not human readable," says Dan Hubbard, Websense's senior director of security. Only one file - named "Important" - could be read. It contained the filenapper's instructions to send an e-mail to receive the decoder key. When the victim complied, a ransom note demanding $200 arrived. What might have been a malicious prank turned into a serious crime.
Fortunately, most end users only know about ransomware through media reports, not by direct experience. Perry Jarvis, network operations manager for the city of Burbank, is almost cavalier in his assessment of the ransomware risk. "Blocking this type of attack is already being performed by most companies," he says. Before files can be encrypted and then held for ransom, the attacker would have to gain access to the system - and most security professionals already are watching for intrusions and other forms of cyberextortion, he explains. More common than ransomware is a scheme where hackers break into a system - proving they can do it - and then demand payment not to attack. Gaming sites have been hit with this sort of crime, and some accept it as a cost of doing business, paying tens of thousands of dollars a year, according to sources.
Of all the ways a hacker could choose to do damage, ransomware is a fairly high-risk operation, says Gary Morse, president of penetration test company Razorpoint Security Technologies. "There are at least four or five points of contact necessary to pull this off," he says, noting that the criminal has to break into the system, leave malicious code behind, notify the victim, wait for a response, and get paid. Certainly, he adds, if one wants to earn a living through hacking, there are safer ways.
The Leader in Network Knowledge
Comments (11)
DecryptorBy Anonymous on July 16, 2007, 8:18 pmHi guys, Prevx have released a tool to decrypt the data. it cssn be found by visiting their blog... www.prevx.com/blog.asp
Reply | Read entire comment
I don't want to appear unsympatheticBy Travis on July 16, 2007, 5:05 pmThese guys are (fill in your own perjorative clause). They deserve to have the snot beaten out of them, or at least to face jail if you're a more civilized sort. But,...
Reply | Read entire comment
More infoBy Anonymous on July 14, 2007, 3:50 pmmore info here available here http://www.prevx.com/blog.asp?ID=31 about this specific case.
Reply | Read entire comment
They got the Portable Hard Drive...By Anonymous on July 14, 2007, 4:53 am"...In any case, I'm seeing if I can do any other last ditch backups of uncorrupted documents before I format the box. I hope there's a way to get the corrupted...
Reply | Read entire comment
Affected both my hard drive "C" and my external hard driveBy Anonymous on July 13, 2007, 12:04 pmAlso to note: I have an updated version of McAfee VirusScan, I use a DSL wireless router with a password encryption and my firewall is installed. They still...
Reply | Read entire comment
View all comments