Ransomware: The Other Shoe Waiting to Drop

Recently, the US Department of Justice levied an indictment against three North Korean military hackers for their role in cyber-related crimes (see video below).

These included (but not limited to):

  • Targeting of and Cyberattacks on the Entertainment Industry: Such as the destructive cyberattack on Sony Pictures Entertainment in November 2014 in retaliation for the farcical movie The Interview.
  • Cyber-Enabled Heists from Banks: Attempts to steal more than $1.2 billion from banks in Vietnam, Bangladesh, Taiwan, Mexico, Malta and Africa.
  • Creation and Deployment of Malicious Cryptocurrency Applications: Development of multiple malicious cryptocurrency applications including Celas Trade Pro, WorldBit-Bot, iCryptoFx, Union Crypto Trader, and more, which would provide the North Korean hackers a backdoor into the victims’ computers.
  • Spear-Phishing Campaigns: Multiple spear-phishing campaigns that targeted employees of United States cleared defense contractors, energy companies, aerospace companies, technology companies, and more.
  • Ransomware and Cyber-Enabled Extortion: Creation of the destructive WannaCry 2.0 ransomware in May 2017, and the extortion and attempted extortion of victim companies involving the theft of sensitive data and deployment of other ransomware.

And it is to that last point that I thought a brief discussion on Ransomware would be warranted.

Even Digital Batman’s own father was a victim of a ransomware attack that left him $400 poorer!

Don’t let the be you! See below for tips on how to prevent Ransomware Attacks.

In 2019 over 187.9 million users were affected by this bold malicious threat to online activities such as web‐surfing, e-commerce, gaming, and more.

Put simply, this highly‐disruptive form of Internet‐viral malicious software (malware for short), not only infects your computer but holds all of your most precious files (i.e. photos, documents, apps, etc.) completely hostage—via permanently encrypting such files—until the victim is forced to pay a “ransom” to the criminal entity behind the attack for a decryption key to unlock the files. Usually to the tune of $100 ‐ $400 or more for individuals and up to $110+K for enterprises!

The amount of losses to businesses alone for 2021 are estimated to top over $20 billion!

No system is safe, from Windows 10 to macos to Android to iOS to Linux; desktop and mobile platforms alike are all in the crosshairs of these nefarious pirates of cyberspace.

This kind of cyber attack can have disastrous consequences to private citizens, small business, or even corporations. But the threat goes far beyond that.

Threat To The Modern Mobile Lifestyle

Close that tab immediately on your phone’s browser when you see this popup message!

Since the early 2000s, people have become wholly dependent on their mobile devices for virtually every aspect of their lives. From banking in the middle of a park, chatting with friends who are thousands of miles away via Facebook, to preparing for a 5K run using the latest wearable fitness tracker connected to one’s mobile device, and so much more, our modern society is becoming inexorably linked to these little inter-networked boxes.

And there’s where the prime opportunity for hackers to exploit such dependencies come into play.

Ransomware is a virtual gold mine of quick cash extorted from on‐the‐go people who need to have their smartphones up and running 24/7. People would rather pay $100 in untraceable Bitcoin funds than have their busy lives so disrupted.

For example, in 2014 Kaspersky Lab detected a new type of malicious ransomware code that affects Android devices designated: Trojan.AndroidOS.Koler.a.

This nasty bit of business not only affects Android phones such as a Samsung Galaxy but also the computers they were synched with, making it virtually impossible to eradicate.

Even Fun, Health, And Safety Is At Risk

This is just the frontal assault on a deeper incursion that threatens all of our connected devices, and our lives in general.

In 2015 Bromium Labs reported a list of Single User and MMORPG games that were directly affected by ransomware. Such games included on that list were:

  • Call of Duty
  • Minecraft
  • Assassin’s Creed
  • World of Warcraft
  • League of Legends

When countless hours have been spent on playing these immersive games, building extensive profiles, and achieving the highest‐levels of gameplay, these files are not so quickly abandoned should an affected game system be held hostage by an unscrupulous hacker.

But there are even more far‐reaching concerns involving the real threat of ransomware.

Wired Magazine posted an article in their July 2015 issue demonstrating that through the use of ransomware‐like malware, a motorist’s car can be hacked and disabled even while in transit posing a huge threat to the safety of the passengers inside.

From schools, public agencies, to hospitals no one is safe from ransomware; it’s not just a business/corporate scourge.

Other equally troubling concerns involve the next generation of bio-mechanical/medical devices such as pacemakers or deep‐brain implants. Imagine a dystopian science fiction scenario where one’s very survival depended on paying protection to a nefarious black hat racket in order to keep one’s heart pumping or brain working properly.

This is a very real possibility of ransomware attacks in the coming years as these IoT-enabled (i.e. Internet of Things) biomedical devices become “smarter” and wirelessly inter‐connected.

Most Common Types of Cyber Attacks on US Companies – Source: Statista.com

New Allies In The Fight Against Ransomware

However, all is not lost as Internet and computer software anti‐virus and security companies like Norton, Kaspersky Lab, McAfee, among others work round‐the‐clock to not only identify and neutralize these virulent forms of malware but also work in concert with local, national, and international law enforcement agencies to bring these shadowy dark‐web criminals to justice (as in the DOJ announcement at the beginning of this post).

And the fight against ransomware attacks continues.

Some of the lessons learned in this battle are:

  • Cyber-criminals are targeting easy victims of opportunity. Taking steps to protect one’s online activities reduces that risk.
  • Denying them easy points of access (like spurning Phishing emails that plant malware into one’s system), helps secure those points and disrupts the “kill chain.”
  • Consider carrying Cyber Insurance. You might need it if you or your organization are victims of a malicious ransomware attack.

In the meantime, while waiting for the other shoe to drop (or attempting to prevent it) online and connected users are encouraged to always back up their data on external drives, keep their anti‐virus software up‐to‐date, and never open any files from an untrusted source.

See this article here from Tripwire on other cyber-attack preventative tips.

And always check with your doctor to make sure your biomedical device comes with its own built‐in firewall!

A Few Ransomware Quick Facts

Comparitech has compiled a great list of 50 ransomware stats and facts. Here are a few highlights from that list:

  • Bitcoin was the primary method of payment for ransomware
  • A quarter of business executives would be willing to pay between $20,000 and $50,000 to regain access to encrypted data
  • A Massachusetts school district paid $10,000 in Bitcoin after a ransomware attack in April 2018
  • Nearly 40 percent of victims paid the ransom
  • Garmin suffered a severe breach that brought its GPS services offline for several days; the company allegedly paid a $10 million ransom to regain control
  • Criminals take the money and disappear without decrypting your data just 1% of the time
  • Over 70 percent of parents were most concerned about losing digital family photos or videos
  • Around 40% of MSPs and IT professionals believe their organization could not withstand $500,000 or more in damage related to a ransomware attack
  • McAfee predicts that attackers will increasingly target home-workers in order to compromise their employer

And the list goes on and on!