Ransomware near-term perspective
Ransomware popularity increases – a real money making
The strategy is clear: a virus infects your PC and encrypts your data until you pay a ransom. The hackers create bit by bit instruction on how much to pay and even offer how to buy bitcoin if you are a new one in such issues. Usually, the sum comes to a few hundred dollars. Many users think that this is a better solution rather than giving up. Such systems are really profitable, none other but their designers know it.
Recently, WannaCry ransomware hit more than 150 countries. It has a rather particular origin: the basis of it is fragility of the National Security Agency, which one can use to disorder many versions of the Windows operating system. An unknown hacker knot called Shadow Brokers stole the NSA’s code (the security community considered these hackers to be the Russians) in 2014 and gave it to the world in April.
Microsoft fixed the weakness a month earlier after the NSA alert message that the information leak was inevitable. But older Windows versions were also infected, and unfortunately, there are a lot of users who do not care about their systems security. So, it is a great chance for WannaCry creators to infect computers and blackmail their users.
Good advice is to regularly update your system patches and REGULARLY backup your data.
Practically, everything we use is a computer. Microwave is a computer for making food hot, refrigerator is also computer for keeping it cold. The traffic, your TV, car are also computers. This Internet of things makes a fuss around, and once connected to the Internet, they become vulnerable to ransomware and other threats and hackers’ tricks.
It would be not surprising that soon people get messages on their car screen like: if you want to activate your engine, pay $200 in bitcoin. Similar extortions will be typical tricks of hackers.
It seems to be nuisance at first, but such attacks have already taken place: a ransomware attempt to damage smart thermostats. Moreover, if there is no screen on your device, the message will be sent on the smartphone app you control it from.
The usual methods would be ineffective to cope with these embedded systems. Besides, you don’t know for sure that payment you made will help you to resolve the problem.
What will be the next steps when the companies that produced washing machine or a computer part pull out of the deal or made statement about their disability to support older models? But WannaCry hit a version that Microsoft doesn’t support anymore.
The creation of those devices is budget-oriented, the companies don’t even have the specialists in security sphere who are on the alert to distribute security patches. Moreover, a lot of these devices are not patchable. Remember the case of the MIRAI botnet infection of webcams, Internet-enabled digital video recorders; many websites were dropping off the Internet. One attack – and a new software couldn’t help your device to be repaired. The only way is to buy a new DVD instead of repairing the attacked one.
The way out isn’t easy. The market cannot get it right alone. Security can help to avoid all negative consequences. So, we need to keep an eye on the companies that distribute insecure software and to enforce regulations, which must be followed by companies all the time. It would be effective if the NSA will pay more attention to security of our information infrastructures.
All these measures are necessary for users not to be hit by the criminals over and over again.