By Milica D. Djekic
Our society is becoming dependable on new technologies in both – legal and illegal connotation. The hacker’s community is getting bigger and bigger and it’s right time to take some actions on to appropriately handle those threats.
Combating the cybercrime is not an easy task – especially if we take into account how skillful and sophisticated today’s security concerns could be. One of the most mature malware the black market is dealing with is ransomware. This sort of malicious application is well-developed and quite capable to lock your computer or some files and data being allocated within your IT infrastructure.
Through this article – we would talk a bit more about how that malware could get hazardous to anyone’s systems and what some of the best practices in fighting this challenge could be.
What is ransomware?
The ransomware is a computer’s malware that is capable to lock your system or some files and data and in order to unlock them, it seeks the ransom as a way of financial compensation. This sort of the malicious piece of software is the product of the cybercrime’s underground and it literally works as a quite sophisticated blackmail machine. There are two main types of this malware and they are locker ransomware and crypto-ransomware.
The cybercriminals dealing with this sort of business would do that for a reason they would obtain the reliable source of incomes once they find the right targets. They would not get selective about their victims – they would target anyone being willing to pay the ransom. The average ransom on the black market is around $300, while some common range of prices is between $200 and $800 per file.
According to some sources – the total economical loss being caused with this sort of cybercrime was more than $24 million in 2015 and the next year the level of infections with this sort of malware increased by more than 500%.
Obviously – it’s a huge concern to the entire legal environment. Also, we would mention that this type of malware would firstly get used in Russia and very soon it would get a threat in the western countries as well.
Today – the most threatened country being affected with this sort of product is the US being followed with the rest of developed economies.
The locker ransomware is able to lock your computers presenting itself as some Law Enforcement agency that found some concerning data on your computer and it would seek the money in order to unlock your machine. Many people dealing with this sort of message would experience some sort of the panic attack and they would so irrationally pay the required amount of a fine.
The real Law Enforcement agencies would always recommend avoiding paying such a blackmailing requirement, but people would get scared about their confidential data being allocated on that computer and they would give some money on. In addition, it’s important to mention that the way of payment, in this case, would be a voucher that could get converted into the money using the well-known online cash machines that would seek your voucher’s code in order to give you the financial compensation. Further, those incomes would get sent to fraud created debit cards and in such a manner the criminals would launder that money.
The crypto-ransomware is a cybercrime solution that would encrypt your files and data and seek from you to pay a fee in order to get a decryption key. It’s quite interesting that people would willingly pay for this sort of blackmail – even no one would guarantee them that they would get anything in return if they pay that ransom. As a way of the payment – the cybercriminals would use Bitcoins. It’s a quite common scenario that people would find some files being inaccessible and they would get a message that they need to pay a certain amount in Bitcoins.
So frequently – people would not even have their Bitcoin wallets and they would rush to open the one. We are quite confident that people reading this article would be familiar with this sort of threats and they would know that the targets would get a limited time to respond to the cybercrime’s demands. Finally, it’s clear that this sort of threat would need certain steps getting applied in order to cope with this type of security concern. Some of the best practice recommendations would get provided through this effort as follows.
The preventive methods
The ransomware is a quite recent security challenge affecting the developed societies several years back. It’s only one of the steps in a malware evolution and many experts would agree that it’s a quite mature solution at the present. In other words, the cyber industry got plenty of time to research this type of malicious code and develop some sort of response to it.
For instance, we would find some sources claiming that the entire anti-malware software would get capable to handle this sort of threat which is more than encouraging.
Also, we would deal with some web resources indicating that there are some tools being available online that could secure you from the ransomware attacks. In total, this would sound quite promising and we believe that the entire society would find a way to deal with this challenge.
It’s especially beneficial that the majority of the Law Enforcement agencies would get more and more capable to handle this sort of crime, so we can expect in the future that those services would be able to resolve the majority of our concerns.
The role of good incident response
In case of ransomware threat – it’s good to know that even if you are a victim of the cybercrime campaign – there are still the ways to respond to such a situation. For example, many experts would suggest that the best way to assure your IT infrastructure is to create its backup. You can do that using some physical devices or – as it’s quite popular nowadays – using some of the cloud-based systems.
In this case – we would talk about the crypto-ransomware attacks that would make your files and date getting locked. If you got the backup of your office – you would easily delete all the files being encrypted and recover your data applying the backup option. It’s quite obvious that the backup is one of the main best practice procedures that should get followed in any case.
The role of this effort is to provide a quite comprehensive insight into a cybersecurity challenge as ransomware is. We are aware of that this topic would get emerging nowadays, so please consider our article as something dealing with the new tendencies in the area of cyber defense.
Finally, the point would be that some future solutions would offer us better opportunities in coping with similar types of threats.
About The Author
Since Milica Djekic graduated at the Department of Control Engineering at University of Belgrade, Serbia, she’s been an engineer with a passion for cryptography, cybersecurity, and wireless systems. Milica is a researcher from Subotica, Serbia. She also serves as a Reviewer at the Journal of Computer Sciences and Applications and.
She writes for American and Asia-Pacific security magazines. She is a volunteer with the American corner of Subotica as well as a lecturer with the local engineering society.