Page 48 - Cyber Warnings
P. 48
Be aware or you may become a victim of Ransomware
By Prerna Lal, Faculty, International Management Institute, New Delhi, India
Recent news regarding WordPress sites being hacked to deliver crypto ransomware to unwitting
end users, Oxford school computers being hacked with ransomware, and Hollywood
Presbyterian Medical Center getting hit with ransomware are alarming as these incidents are
increasing with unprecedented numbers.
Ransomware is a type of malware that often infiltrate systems and prevent or limits users from
accessing their system or may even encrypt victim’s files. Attackers then force victims to pay
ransom to get access to the system or decrypt data files. The ransom is often paid in form of
electronic currency, such as bitcoin, which is very difficult to track.
How ransomware works?
Ransomware gets gain access to into the victim’s computer in a number of ways; it can get
downloaded unknowingly by visiting a malicious or compromised website, or by clicking on an
infected popup advertisement, or downloading an effected attachment, or by getting tricked into
purchasing a fake antivirus software. Once it is downloaded, it takes the victim’s computer
hostage. Subsequently, it may either lock the victim’s computer or encrypt various types of files
(e.g., doc, jpg, etc.). Finally, attackers put pressure on the victim to pay as demanded within a
specified time failing in which their data will be destroyed or posted on the Web.
How serious the threat is?
Past few years have witnessed the tragic suicide by UK teen after receiving a bogus "police"
email which claimed he had been browsing illegal websites and had to pay ransom £100 or face
being prosecuted. In another incident, Romanian ransomware victim committed suicide with his
4-year-old son after receiving similar email which deceptively informed him he needed to pay a
fine for downloading porn or risk going to jail.
Other than individuals, organizations are also becoming a target of ransomware. Criminals are
finding it more lucrative as they demand millions of dollars to unlock or de-crypt the
organizational data. For organizations, data is critical be it hospital, bank, or school, and
moreover, if systems are down for even few hours, it may harm their business as well as
reputation. Criminals take advantage of this by attacking organizations and demand a large sum
of money.
Recent advancements such as introduction of the Internet of Things (IOT) are more vulnerable
to ransomware attacks resulting in hacking and ceasing our day to day operations. On one
hand, IOT helps individuals as well as organizations in managing their security, lights, machines
or appliances through a system or even a mobile device. While, on the other hand, if cyber
criminals get hold of these systems and are able to lock them, then it may lead to a very grave
48 Cyber Warnings E-Magazine – March 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
