Encryption and Extortion: Ransomware Risks
by Natalie Oyler-Lusco | November 12, 2020
What is ransomware, anyway?
Ransomware is a form of malware “used by cyber criminals to hijack a user’s computer or mobile device and keep it under their control until the user pays for its release” (Greene, 2020). Per the Multi-State Information Sharing and Analysis Center (MS-ISAC), ransomware can infiltrate systems, devices, and files in several ways including:
- Unsolicited email attachments and links;
- Intrusion via unsecured connections;
- Infection via other types of malware; and
- Embedded wormable properties that allow it to spread to an entire network (Aliperti, 2020).
Who and what does ransomware target?
Simply put, anyone can be a target of ransomware. However, it really depends on how lucrative your data will be to hold hostage. Therefore, as a general rule, the most popular targets for cyber criminals are colleges and universities, government agencies, healthcare organizations, utility companies, retail establishments, and the banking and finance industries – all of which deal in some very expensive data. Some highly publicized examples of ransomware attacks include:
- The WannaCry Outbreak of 2017 affected more than 200,000 computers in 150 countries. This DPRK-based ransomware hit Britain’s NHS, FedEx, Renault, and others (Jones & Bradshaw, 2017).
- SamSam was allegedly released “by a group of threat actors believed to reside in Eastern Europe” (Ragan, 2018). This ransomware hijacked the data of the City of Atlanta and the Colorado Department of Transportation.
How can I mitigate the risks to my personal data and to that of my organization?
Ransomware attacks can be devastating. In order to protect your devices from ransomware, the Federal Bureau of Investigation (FBI) recommends taking the following actions:
- Always update your antivirus software;
- “Enable automated patches for your operating system and web browser” (FBI, 2015);
- Use a strong and different password for every This may seem like an arduous task, but your browser and mobile device can help! Google and Apple, for example, offer strong suggested passwords when signing up for a new service online. Whenever you’re on a website that is collecting personal information, make sure to check the URL bar in your browser to see if the site is secure – you should see a lock icon, or something comparable, next to the web address;
- Never underestimate the power of a popup blocker! These browser extensions block annoying popups as well as ads, malware, and tracking codes;
- When downloading new software, particularly shareware and freeware, it’s imperative to make sure that the website you’re using is trustworthy;
- “Don’t open attachments in unsolicited emails, even if they come from people in your contact list, and never click on a URL contained in an unsolicited email, even if you think it looks safe. Instead, go to the organization’s website directly” (FBI, 2015);
- Treat your mobile devices the same way as your computer. Your smartphone is susceptible to the same threats when browsing the internet; and
- You and your organization should back up your systems regularly and “store the backed-up data offline” (FBI, 2015) for safe keeping in the event of a ransomware attack.
Where can I learn more about ransomware?
There are tons of online resources for ransomware information, including ways to reverse encryption, best practices for mitigation, and everything in between. Here are just a few resources to get you started on your way to understanding ransomware and reviewing your organization’s data security policies:
Aliperti, M. (2020, November 12). What You Need to Know About Ransomware. Center for Internet Security. https://www.cisecurity.org/newsletter/what-you-need-to-know-about-ransomware/
FBI. (2015, January 20). Ransomware on the Rise. Federal Bureau of Investigation. https://www.fbi.gov/news/stories/ransomware-on-the-rise
Greene, J. M. (2020). Ransomware. Salem Press Encyclopedia of Science.
Jones, S., & Bradshaw, T. (2017, May 14). Global alert to prepare for fresh cyber-attacks. Financial Times. https://www.ft.com/content/bb4dda38-389f-11e7-821a-6027b8a20f23
Ragan, S. (2018, April 18). SamSam explained: Everything you need to know about this opportunistic group of threat actors. CSO Online. https://www.csoonline.com/article/3263777/samsam-explained-everything-you-need-to-know-about-this-opportunistic-group-of-threat-actors.html