Home of internet privacy

Is ransomware the greatest highway robber of the 21st century?

The days of a Dick Turpin type of character pulling you over on the side of the road and demanding your valuables in return for sparing your life are thankfully long gone but highway robbery has never really disappeared. It has instead morphed into another type of crime in which money is demanded with menaces – ransomware.

What is ransomware?

Ransomware is an internet-related crime that has largely flown under the radar. Whilst recent high profile events such as the Sony hack have revealed the hacker’s penchant for trying to extort money from their victim, and the last few years have seen an increase in the number of people and organizations coming forward to bemoan CryptoLocker, it is a crime that is almost as old as the internet.

The first known instance arrived in 1989 and was known either as PC Cyborg or the “AIDS” Trojan. Much like newer variants, it encrypted files on the victim’s hard drive, saying that a software license had expired. “PC Cyborg Corporation” then offered a way out – the unlocking of the files for a mere $189.

More recently, CryptoLocker has proven to be a bane for PC users around the world, locking up drives with RSA public-key cryptography, until such time as a payment of around $400 was handed over in return for their unlocking.

Other recent forms of ransomware include the RIG exploit kit which first appeared around April 2014. By adopting malicious advertising techniques – known as malvertising – the kit delivers Cryptowall, another form of malware that relies upon encryption with a 2048-bit RSA key.

Similarly, OphionLocker emerged last year, and is spread in much the same way that Cryptowall is. Using advanced elliptic curve cryptography it demands payment in Bitcoins and utilizes a Tor2web URL to provide the victim with instruction on how to pay in a manner that is incredibly hard to track or close down.

So how do you protect your devices, money and data from such an insipid attacker?

Frustratingly the means of protection and mitigation are rather simple so it is quite the surprise that so many people still fall victim to this type of extortion.

For some people the thought of paying the ransom may seem like a good idea. Whilst we’re sure that some people may have actually got their data back by doing so, reports of such online are few and far between. Handing cash over to the criminals will simply encourage them to continue, may lead to you being targeted again with other types of attack and goes onto finance who knows what.

How to protect yourself from ransomware

It’s much better then to ensure that you don’t become a victim in the first place and below are some tips on how to do just that:

Featured image: Andrey Armyagov / Dollar Photo Club