Ransomware gaining momentum
This post is meant to educate readers about previous and future impact of Ransomware attacks and the lessons learned from them. These are from my own perspective. While I make every effort to be thorough and hit every aspect, there are times that I inadvertently omit things or skip them due to scope, time, length or applicability. Email any questions you have about this or any other topic to [email protected]
The opinions expressed in this post do not necessarily reflect those of Matthew’s employers: past, present, or future. While I am a security professional, I am not your security professional. The data included in this post is sound by current industry parameters, your mileage may vary.
Ransomware is gaining alarming momentum and this mostly because of the lack of attention it is receiving. Ransomware is running rampant under the radar because most businesses just do not pay attention. According to a study sponsored by Malwarebytes, a review of 540 business spread across North America and Canada, “Nearly 40% of the businesses had been hit by Ransomware over the last year.”
This means that 40% of businesses in North America are being hit with malware that infects and encrypts its files and database stores until they pay a ransom, typically in Bitcoin.
Most of all, one of the scariest things about this situation is the fact that most businesses pay the ransom instead of attempting to get law enforcement involved. The most surprising aspect is that the small to medium size businesses are now the primary targets vice individuals. Notably, this shift has been largely based on softness of the target and risk/reward variance being relatively low.
SB-1137 Computer Crimes: Ransomware
There has been some pushing in government to fight back against the growing plague of Ransomware. California just recently passed new legislature in the form of Senate Bill No. 1137 Computer Crimes: Ransomware. This new tool for prosecutors is going to be a first step in actually addressing computer crime for what it is, extortion and theft. SB 1137 makes a felony in the state of California and punishable by up to four years in prison.
Whilea good step in the right direction, SB 1137 is not going to stop the tidal wave that Ransomware’s easy targets of opportunity. This bill was the result of a high-profile Ransomware attack on a large hospital in Los Angeles. According to BleepingComputer, “In February 2016, Hackers had locked down several hundred computers at the hospital and forced staff and doctors to work with pen and paper for a few days. While the gang initially asked for $3.6 million in ransom, but they were rather content when they received $17,000.”
Ransomware isn’t slowing down until a more effective mechanism that helps users make the right decision. This applies to both mail links and attachments. Therefore, the only course of action you can apply that hasn’t really been tried much as of yet, is a more automated system that can detect different encryption programs before they launch is probably. This is cost prohibitive. When will we reaching the tipping point? Consequently, there does not seem to be on at this point.