OCS banner and logo
Keeping clients' computers safe and profitable for over 30 years

Home Forms About Current Newsletter subscribe 
Search All Articles

Browse by Category

powered by pmc2m


Ransomware Made Easy

What is Ransomware?

Ransomware is a type of virus that encrypts your files and then charges you for the key to decrypt them. It was first seen in 2013 with the Cryptolocker attack, which encrypted the victim's files and charged them $150-$200 to recover their own files. It would also encrypt the files on a backup drive attached to your computer.

Since it was very successful and made its creators lots of money, it was immediately copied and improved upon. The latest Sonicwall annual report on cyber attacks says that there were 638 million ransomware attacks in 2016. Even if they are overstating the case, there were a lot of attacks. In addition to individuals, they are attacking banks and other financial institutions, hospitals and other businesses and government entities. One business said the attack cost them $2.4 million. Kaspersky labs reported 750,000 attacks against just their customers .

The price of recovery has gone up. Normally, the attacks occur because they convinced someone in the company to click on something they shouldn't have clicked on. Ransomware is careful to only attack your data files. They want to keep your computer online and running so you can make payments.

Since there is a lot of money to be made by miscreants using this technology, we have seen lots of innovation in the technology and distribution of the attacks. The technology is making it harder and harder to detect. Marketing innovations are helping more and more miscreants implement more and better attacks with less and less effort in a shorter time and for less money.

Ransomware as a service or one-time purchase

The latest improvement, from a marketing perspective, is Ransomware as a service. For a 30% commission, you can rent the ransomware software and install your own payload without needing to write the software yourself or purchase it. There are multiple competing companies exploiting this angle. Some of them offer:

  • Record keeping and a client management system including notes on a victim's account and technical support to help the victim setup the Bitcoin account for payments.
  • Technical support for the miscreants renting the service.
  • For an additional fee ($50), you can buy protection against future infections by the same Ransomware.
  • Once you have your files back, for a mere $20 extra they will clean up the virus on your computer.
  • The offer to get 2 or 3 files recovered for free, to demonstrate that recovery is possible.

These software companies compete with each other to provide the hackers with the best support and analysis tools.

Here is an advertisement from one of the companies selling Ransomware creation for the hacker too busy to write his own. https://www.youtube.com/watch?v=5WJ2KHoo5Fo&feature=youtu.be

What can I do to protect myself?

Really, there are only two things to do:

  • Practice safe computing: All the normal things that you need to do to keep your system safe including an up to date effective anti-virus, A good up to date browser with ad-blocker, and do not click on email links that could possibly be phony. Check links by hovering over them before clicking.
  • Have a backup that is not connected to your computer and does not provide a mapped drive. An off-site backup system like Spideroak will protect your data.

Further Reading

Date: March 2017

Creative Commons License
This article is licensed under a Creative Commons Attribution-NoDerivs 3.0 Unported License.

  Please direct questions/suggestions about website to the webmaster