If you're old enough... and geeky enough, you may remember this:
All Your Base Are Belong To Us was one of the famous early internet memes. You can take a break and read more about it here and here.
Memes are fun! But ransomware isn't. We've talked about ransomware many times in the past. It's a kind of virus or malware (malicious software). It's been in the news quite a bit and the healthcare industry has had particular ransomware problems. And the news will continue after May's "WannaCry" and June's Petya/GoldenEye global attacks.
Basically, in a ransomware attack, infected computers cause data to be encrypted. Normally encryption is a good thing, but only when you can also decrypt your data. In this attack, only the attacker can restore your access to the information, and will do so for a "small consulting fee".
Payment is typically made using Bitcoin. Bitcoin has also been in the news. It is what is called a "crypto-currency". It's basically an online way to pay for things, kind of like an online debit card where you already have the funds in your account. The main reason Bitcoin is used for ransomware is that it is fairly anonymous, particularly when compared with traditional credit cards or banking. It's not completely anonymous - it does protect identity during transactions, but eventually someone may have to turn that bitcoin into other traditional currency.
With all the ransomware attacks, some organizations are getting bitcoins so that they are ready in case they need to pay ransom!
Law enforcement typically advises against preemptively buying bitcoins and paying ransom... except when they don't!
Here's the thing... if an organization pays the ransom, there is no guarantee that the attacker will provide the key to decrypt their data! This has happened in the past. Or, if an organization pays they have shown that they are both vulnerable and a source of income for the attacker. So wouldn't that attacker hit the same organization again? And again.
That said, there could be situations in which an unprepared organization may have no other alternative than to pay the ransom. We have seen this in the news, and not just from small organizations.
Memes are fun! But ransomware isn't. We've talked about ransomware many times in the past. It's a kind of virus or malware (malicious software). It's been in the news quite a bit and the healthcare industry has had particular ransomware problems. And the news will continue after May's "WannaCry" and June's Petya/GoldenEye global attacks.
Basically, in a ransomware attack, infected computers cause data to be encrypted. Normally encryption is a good thing, but only when you can also decrypt your data. In this attack, only the attacker can restore your access to the information, and will do so for a "small consulting fee".
Payment is typically made using Bitcoin. Bitcoin has also been in the news. It is what is called a "crypto-currency". It's basically an online way to pay for things, kind of like an online debit card where you already have the funds in your account. The main reason Bitcoin is used for ransomware is that it is fairly anonymous, particularly when compared with traditional credit cards or banking. It's not completely anonymous - it does protect identity during transactions, but eventually someone may have to turn that bitcoin into other traditional currency.
With all the ransomware attacks, some organizations are getting bitcoins so that they are ready in case they need to pay ransom!
Law enforcement typically advises against preemptively buying bitcoins and paying ransom... except when they don't!
Here's the thing... if an organization pays the ransom, there is no guarantee that the attacker will provide the key to decrypt their data! This has happened in the past. Or, if an organization pays they have shown that they are both vulnerable and a source of income for the attacker. So wouldn't that attacker hit the same organization again? And again.
That said, there could be situations in which an unprepared organization may have no other alternative than to pay the ransom. We have seen this in the news, and not just from small organizations.
I'm not going to go into an explanation of how bitcoin works. If you're interested, here are some resources. But unlike funds in most regulated banks or investment companies, there is no such oversight protecting bitcoin or other crypto-currency. The bitcoin holder has considerable responsibility, and needs knowledge, to protect their wallet.
And, in fact, there have been some attacks on crypto-currency holders. From the highly-publicized attack on bitcoin exchange Mt. Gox in 2014, to more recent thefts, poor security has lead to losses. And without any kind of government or hard-asset backing, stolen bitcoin is likely unrecoverable.
As for the future of crypto-currencies, only time will tell. If you decide to get some bitcoin or other online currencies, be sure that you're protecting your digital wallet with very strong passwords, use 2-factor authentication wherever you use online transactions, and you can even store your digital wallet offline on removable media like a usb stick. Here are a few more ideas.
Even if you're not considering online/digital currencies, many people use their smartphones either for payment (Apple Pay, Android Pay, etc.) or for their banking. Here are some tips for protecting your mobile smartphone wallet.
Have you, or would you, use online crypto-currencies like Bitcoin?
Thanks so very much for taking your time to create this very useful and informative blog. I have learned a lot from your blog. Thanks!!internet security
ReplyDelete