As if phishing, pharming and phraud weren't frustrating enough, the latest cybersecurity threat - ransomware - is an extortion scheme.
Ransomware involves the use of malicious code to hijack user files, encrypt them and then demand payment in exchange for the decryption key. The good news is that documented attacks have been rare. The bad news is that cases are on the rise, says FBI spokesman Paul Bresson.
One of the earliest recorded cases of ransomware was documented by Web-filtering software vendor Websense in May. A call from a panicked user revealed the swiftness and thoroughness of the attack. "All of a sudden, the files on his computer were in a format that was not human readable," says Dan Hubbard, Websense's senior director of security. Only one file - named "Important" - could be read. It contained the filenapper's instructions to send an e-mail to receive the decoder key. When the victim complied, a ransom note demanding $200 arrived. What might have been a malicious prank turned into a serious crime.
Fortunately, most end users only know about ransomware through media reports, not by direct experience. Perry Jarvis, network operations manager for the city of Burbank, is almost cavalier in his assessment of the ransomware risk. "Blocking this type of attack is already being performed by most companies," he says. Before files can be encrypted and then held for ransom, the attacker would have to gain access to the system - and most security professionals already are watching for intrusions and other forms of cyberextortion, he explains. More common than ransomware is a scheme where hackers break into a system - proving they can do it - and then demand payment not to attack. Gaming sites have been hit with this sort of crime, and some accept it as a cost of doing business, paying tens of thousands of dollars a year, according to sources.

Of all the ways a hacker could choose to do damage, ransomware is a fairly high-risk operation, says Gary Morse, president of penetration test company Razorpoint Security Technologies. "There are at least four or five points of contact necessary to pull this off," he says, noting that the criminal has to break into the system, leave malicious code behind, notify the victim, wait for a response, and get paid. Certainly, he adds, if one wants to earn a living through hacking, there are safer ways.
Comments (11)
Decryptor
By Anonymous on July 16, 2007, 8:18 pm
Hi guys, Prevx have released a tool to decrypt the data. It can be found by visiting their blog... www.prevx.com/blog.asp
I don't want to appear unsympathetic
By Travis on July 16, 2007, 5:05 pm
These guys are (fill in your own pejorative clause). They deserve to have the snot beaten out of them, or at least to face jail if you're a more civilized sort. But,...
More info
By Anonymous on July 14, 2007, 3:50 pm
More info is available here http://www.prevx.com/blog.asp?ID=31 about this specific case.
They got the Portable Hard Drive...
By Anonymous on July 14, 2007, 4:53 am
"...In any case, I'm seeing if I can do any other last ditch backups of uncorrupted documents before I format the box. I hope there's a way to get the corrupted...
Affected both my hard drive "C" and my external hard drive
By Anonymous on July 13, 2007, 12:04 pm
Also to note: I have an updated version of McAfee VirusScan, I use a DSL wireless router with a password encryption and my firewall is installed. They still...