Ransomware Domains Rise by 3,500% in Q1 2016

In the days before computers, even before the telegraph – cash transfers were done by mail coach. These cash transfers could be hijacked en route. And if we go back to England in the seventeenth and eighteenth centuries, there were Highwaymen. These individuals would wait, masked and on horseback, at an uninhabited and vulnerable point along the highway. When the coach came into view, they would block the road and demand, “Stand and Deliver – your money or your life!”. The coach driver and any passengers then had to surrender their wealth in return for their lives.

This hold-up was an ordeal for the passengers, though it also had an impact on business. Today, there is the same threat – only using information technology rather than flintlocks. How much of your life is on your phone and computer? How much of your business? If this were held to ransom, what would be the impact on you personally? Most people would have to agree – where ransomware is concerned, the phrase “your money or your life” stands for as much today as it did three hundred years ago.

Ransomware encrypts data on a device or PC, and a payment is demanded for decryption. In the case of a business or organization, these electronic Highwaymen can encrypt a whole network – like the February attack on the Hollywood Presbyterian Medical Center, and March’s breach of MedStar Health in Washington. The security industry talks of little else at the moment. The FBI revealed that U.S. victims had paid out $24 million in 2015. And for the first quarter of 2016, this figure is estimated at $209 million.

In the Infoblox DNS Threat Index for Q1 2016, research found dramatic new increases in ransomware infrastructure. This indicates that criminals know this is a viable business – and it’s expanding. Infoblox research noted a 3,500% increase in ransomware activity compared to the same period last year. This isn’t a hacker in a bedroom – this has become big business for (very) organized criminal networks.

It’s not just James Bond type super-cyber criminals that are in the market – it’s networks of ordinary crooks. With ransomware available as franchise deals on the Dark web, little technical skill is needed to operate. Just pay some cash, get set up and configured to pay the bigger crooks their share – and you’re in business. Delivery of the malware is commonly by an exploit kit – these tools can be rented with full instructions and sometimes customer support.

Business needs to get to grips with this growing threat very quickly, and the bottom must be taken out of the ransomware market. All malware can be guarded against if systems are kept up to date and securely configured, and staff are aware of safe working practices. And if efficient and regular backups are made of data – well, then should you be ransomed, you can do something that wasn’t possible three hundred years ago – you can laugh in the face of the Highwayman!

