Monday, February 9, 2015

Netiquette IQ Blog Of The Day - MIT Article On Ransomware



 

 In past blogs, I have written about Ransom malware a couple of times. It is a debilitating experience for those it has effected. Read the article below to assist you in avoiding it!
 ========================================
Holding Data Hostage: The Perfect Internet Crime?
Thousands of people will have their personal files held hostage this year, by software that uses virtually unbreakable encryption. 

By Tom Simonite on February 4, 2015 from mittechnologyreview.com

Why It Matters

Sensitive personal data is vulnerable to hackers.

Every so often someone invents a new way of making money on the Internet that earns wild profits, attracts countless imitators, and reshapes what it means to be online. Unfortunately, such a shift took place last year in the world of online crime, with the establishment of sophisticated malicious software known as ransomware as a popular and reliable business model for criminals.

After infecting a computer, perhaps via an e-mail attachment or a malicious website, ransomware automatically encrypts files, which may include precious photos, videos, and business documents, and issues an electronic ransom note. Getting those files back means paying a fee to the criminals who control the malware—and hoping they will keep their side of the bargain by decrypting them.

The money that can be made with ransomware has encouraged technical innovations. The latest ransomware requests payment via the hard-to-trace cryptocurrency Bitcoin and uses the anonymizing Tor network. Millions of home and business computers were infected by ransomware in 2014. Computer crime experts say the problem will only get worse, and some believe mobile devices will be the next target.

Ransomware has been around for more than a decade. Older examples tended to be ineffective or relatively easy to defeat. But a new, more potent wave of ransomware emerged in late 2013 beginning with a version dubbed Cryptolocker. That malware infected Windows computers and in about 30 minutes would encrypt nearly all the data stored on them, as well as any external or network drives, locking up photos, music, and videos. Then it would display a message with a 72-hour countdown timer telling the victim to pay a fee (usually around $300) to retrieve the data. Step-by-step instructions explained how to send the money by buying bitcoins or using a prepaid debit card.

Cryptolocker was professional in its design, and it used an essentially unbreakable encryption system developed by Microsoft. At its peak, around October 2013, Cryptolocker was infecting 150,000 computers a month. And over the course of nine months, it is thought to have generated about $3 million in ransom payments.

The criminals behind Cryptolocker were taken down in June last year, after collaboration among the FBI, U.K. and E.U. law enforcement agencies, security companies, and academic researchers. Investigators broke into the network used to control the malware and uncovered a stash of encryption keys that were then used to create a free service to rescue data belonging to victims of the scam.

Because of the breakout, if temporary, success of Cryptolocker, the problem of ransomware seems sure to get bigger.

Uttang Dawda, a malware researcher with security company Fireeye, who worked on the Cryptolocker rescue tool, says computer criminals have identified ransomware as a valuable new business model. If well designed, it provides easier profits than stealing credit card details or banking information and then selling that data on the black market. The crooks “get anonymity, faster profit, and don’t have to spend time and money finding middlemen,” Dawda says.

The most successful ransomware circulating today copies Cryptolocker’s basic design but adds technical and interface-design improvements.

One of the first pieces of ransomware to gain traction last year, Cryptowall, added the twist of using the Tor anonymity network, allowing its operators to hide the location of their computers. Between mid-March and late August last year, Dell SecureWorks logged nearly 625,000 Cryptowall infections, including more than 250,000 in the U.S.

Another piece of ransomware, CTB Locker, is the fastest-growing today, says Dawda. It uses stronger encryption than previous specimens, the same Tor trick as Cryptowall, and even a clever “freemium” design: victims get a chance to decrypt some of their data for free to demonstrate that paying up really will work. CTB Locker comes in several versions, in languages including Italian, Dutch, German, and Russian, as well as English. It is spreading most rapidly in Germany, Poland, Mexico, and South America, says Dawda.

“Things are getting worse and worse, and we’re seeing more and more infections,” says Bogdan Botezatu, a senior threat analyst at security company Bitdefender. Botezatu’s says ransomware now takes up most of his team’s time. He generally advises victims not to pay but admits he understands why many do. “Once you fall victim to ransomware, there is absolutely no way to get your data back without paying,” says Botezatu. “But if you pay, you are only encouraging this business and funding their research and development.”

The recent rise of ransomware prompted the FBI to issue a report last month in which it warned that the crime poses a threat not only to home computer users but also to “businesses, financial institutions, government agencies, academic institutions, and other organizations.”

Some security researchers predict that 2015 will see significant efforts by criminals to get ransomware working on smartphones and tablets as well. These devices often contain highly prized personal files such as photos and videos.

The first ransomware able to encrypt files on a smartphone was picked up last summer by researchers at the company ESET. That malware, known as Simplocker, targets Android phones and encrypts photos, videos, and other data. Robert Lipovsky, who leads the security intelligence team at ESET, says Simplocker is “quite widespread” in the U.S. but most prevalent in Russia, Ukraine, and elsewhere in Eastern Europe. It is hard for malware to spread on mobile devices, because most people download software only from official app stores. Simplocker is typically spread through downloads of apps from pornography websites.

The best way to keep ransomware off your computer, experts say, is to follow best practices by keeping software updated, using antivirus and other security software, and being careful about where you click and what you install. Backing up data on a separate hard drive or using a cloud service could save you from being held for ransom if an infection does occur.
===================================

**Important note** - contact our sister company for very powerful solutions for IP management (IPv4 and IPv6, security, firewall and APT solutions:

www.tabularosa.net

In addition to this blog, Netiquette IQ has a website with great assets which are being added to on a regular basis. I have authored the premiere book on Netiquette, “Netiquette IQ - A Comprehensive Guide to Improve, Enhance and Add Power to Your Email". My new book, “You’re Hired! Super Charge Your Email Skills in 60 Minutes. . . And Get That Job!” will be published soon follow by a trilogy of books on Netiquette for young people. You can view my profile, reviews of the book and content excerpts at:

 www.amazon.com/author/paulbabicki

 If you would like to listen to experts in all aspects of Netiquette and communication, try my radio show on BlogtalkRadio  Additionally, I provide content for an online newsletter via paper.li. I have also established Netiquette discussion groups with Linkedin and Yahoo.  I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. Further, I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and have been a contributor to numerous blogs and publications. 

Lastly, I am the founder and president of Tabula Rosa Systems, a company that provides “best of breed” products for network, security and system management and services. Tabula Rosa has a new blog and Twitter site which offers great IT product information for virtually anyone.
==============================================