Thoughts and tips on information security and privacy in an increasingly digital life

Ransomware

What is “ransomware”? (Or, A backup, a backup – my kingdom for a backup!)

27 Jan , 2017, 17.24 Linus Nyman

 

Since the dawn of humankind, people have been asking themselves big questions, like What’s the meaning of life, the universe, and everything? (A: 42.) Since the dawn of mankind, guys have been asking themselves big questions, like How can I make a living without doing any real work, or having to put on pants?

Some have tried to solve this problem by writing blogs. Blogs are mostly harmless. Others have tried to solve it by writing malicious software called “ransomware.” Ransomware is anything but harmless.

There are different kinds of ransomware, but the most common kind is one that will encrypt your hard drive and lock your computer. In practice, this means that your data is held hostage and you can’t access it. In order to decrypt your data you will need a key (a combination of characters – I’ll cover encryption in a later post). But, as you might have guessed, you won’t get the key unless you pay the ransom.

Ransomware (pic credit: Symantec)

An example of ransomware (picture credit: Symantec)

00:00:00

To add a bit of a Hollywood blockbuster feel to the whole thing, ransomware commonly displays a timer counting down to zero. What happens when it gets there depends on the flavor of ransomware you picked up. It could be that the price to decrypt your data doubles. It could be that the decryption key is destroyed. It could simply be that your hard drive is erased.

Or, in some forms of ransomware (like the one pictured above), it could be that you will be arrested. This is a form of ransomware that pretends to be from the police or the FBI (there are different versions). They state that you have been visiting illegal sites (you naughty person, you) and that you have illegal stuff on your hard drive. And now you have X hours to pay a fine or be thrown in jail.

In a fairly new twist on the genre there is a form of ransomware that says that you can either pay up yourself, or you can infect two other computers with the same ransomware. If you infect two others, the ransomware promises, you will get the decryption key for your own computer free of charge. (Do you have friends who are a part of your life mainly because you’ve known them since you were kids, and you haven’t quite figured out how to tell them you’ve grown apart? There’s an app a ransomware for that!)

Ransomware for the home, the car, and… the public transportation system?

Ransomware has been around for a long time, but has been increasing massively in popularity (if that’s the right word for it) over the past few years. There are computers pretty much everywhere, and computers are getting put into an increasing amount of stuff, thereby increasing the amount of potential ransomware targets. (“Smart” something-or-other means, among other things, that there’s a computer in it. Smart TV: TV with a computer. Smart phone: phone with a computer, etc.)

There have already been cases of ransomware in TVs, phones, and cars. But it’s not just individuals who get hit by ransomware. Companies have been affected. And hospitals, police stations, and even the San Francisco public transportation system. Somewhat oversimplified: show me a computer with an Internet connection and I’ll show you a potential ransomware target.

Hello, is this Evil HQ customer service?

The ransom payment for getting the decryption key is commonly required to be paid in “Bitcoin.” Bitcoin is a so-called cryptocurrency – a digital currency that can be paid over the Internet. But there are lots of people who may never have heard of bitcoin or know how to get hold of it. Ransomware has become a big enough business that getting infected with it often comes with access to a customer service representative, eager to help you with all your ransomware needs.

Internet privacy and security company F-Secure has published a report on the customer’s journey in the murky swamp that is ransomware. The report ends with excerpts from a long customer service exchange between a victim and the perpetrator. The victim expresses her confusion and discontent at the situation – she hasn’t ordered any encryption of her hard drive and can they please quickly sort this mess out so she can get back to work.

The customer service representative helps her to understand that she has been infected with a malware she neither wanted nor needed, and will now have to pay a ransom to get her data back. The victim thanks the representative for their help, and recommends that they consider finding a nicer job, “Something where you can feel good about what you do.”

Things you can do at home without having to put on pants: make backups of your important files. You can’t make a living off of it. But you can save both time and grief. And feel good about what you’re doing.

Leave a Reply

Your email address will not be published. Required fields are marked *