Malware That Steals: Ransomware


27 June 2017

Password Security

In my last post, I reviewed some of the cooler ways to authenticate your identity in the critical scenarios of banking and airport security. Voiceprints, retinal scans and one-touch logins have all begun to augment even the strongest of passwords. Today, multifactor authentication – using a number of different methods to confirm your identity – has become industry standard on a number of different fronts.

But suppose yours is a smaller organization? And suppose, like many owners of a small or medium-sized business, you’re tempted to stick with strong passwords, at least for now? You and your team have enough on your plates already – why worry about something that’s worked so well for so long? Besides, professional hackers are really only after the big fish, right?

Fair question. The pros are out to get larger organizations, for sure – but don’t think they will stop there. The global ransomware attack of May 13, 2017 infiltrated an estimated 300,000 computers globally in 150 countries with a program called WanaCrypt0r 2.0. If it can happen to them, it could happen to any of us.

Garden-variety malware can harm your systems and destroy your data, but ransomware raises the stakes to a whole new level. As the name implies, ransomware seizes your digital credentials (or those of your customers) and holds them for ransom. If you don’t buck up to their demands, the people behind the ransomware will pull the trigger on whatever they threaten to do. They can delete your data, publish sensitive customer information (subjecting you to fines), or in some cases, empty your bank account.

How does ransomware worm its way into your life? Unsolicited links (cleverly disguised as an invoice or an angry customer email, for example) are frequent perpetrators, as well as ad banners, 3rd-party apps and a myriad of other methods. That’s the bait.

The actual phishing pole – the ransomware itself – is created and distributed by international crime networks on the dark web. Unlike the regular web that we use every day, the dark web requires special software to access. And, in the tireless spirit of innovation, there is now ransomware-as-a-service (or RaaS). Gone are the days when one needed a high level of technical sophistication to hold a company hostage.

How do these people get paid once they've hooked an unsuspecting user? The answer is bitcoin. Many of us are familiar with this digital currency, which has been around since 2009. (Recently, the value of bitcoin hit an all-time high – just under the value of an ounce of gold.) Criminals love bitcoin because it functions outside of any central bank, and is both widely accepted and requires no identity verification.

Today’s cyber criminals are no longer satisfied with destroying your company’s valuable reputation or wreaking havoc on your servers. They’re really in it for the money. Let’s throw down the gauntlet with a few technology upgrades of our own.

Read more about phishing and how to recognize your computer is under attack.



Abby Cunningham

Abby Cunningham

Abby Cunningham is a San Francisco-based writer-at-large for Intralinks. She has over two decades of experience in the enterprise technology arena, and a strong interest in helping everyday professionals keep confidential information out of the hands of hackers and villains with practical, 21st-century best practices. Her other car is a bike.