Can you put a price on your data? Cyber Extortionists are betting on it.
February 4th, 2015
It’s getting scarier and scarier out there. On the Internet, that is. The cyberhighway. The World Wide Web.
In February 2014, President Obama said that cyberterrorism was the country’s biggest threat. Case in point: in mid-2013, hackers gained access to the Associated Press’ Twitter account. The hackers sent malware through a “phishing” email. It was an “innocent looking email,” and unwitting AP staffers clicked on the link, not knowing it was infecting their computers with spy software. Then, tweets from the Associated Press appeared on Twitter, stating that there had been two explosions at the White House with President Barack Obama injured. Within two minutes, the stock market dropped 143 points. We later found out that the Syrian Electronic Army claimed credit for the attack (Syrian hackers claim AP hack, WashingtonPost.com).
Max Fisher of the Washington Post asks a chilling question: What if the cyber criminals had hacked multiple news organizations?
The ubiquitous topic of cybersecurity has certainly dampened our sense of confidence. The fun and freedom of the internet are now approached with caution: we have to be on guard when we visit a site, buy something online, or click on an ad.
Cyber Terrorism: Do What I Tell You, or Suffer the Consequences
Sony Pictures and free expression
The hacking of Sony Pictures’ servers in November 2014 put cybercrime on the map for many Americans. The hackers demanded that Sony cancel their release of the film “The Interview” (a black comedy that’s about assassinating Kim Jong-un, the North Korean leader). The hackers’ demand was simple: release the film and suffer the consequences. The consequences included violence against the families of Sony employees.
Sony chose to stream the film online, instead of releasing it in theaters. But the supposed hackers, known as GOP (Guardians of Peace), implanted a malware program on Sony’s servers, and stole 1,000 GB of confidential data. The confidential data included private salary information and personal emails. The aftermath played out on a global scale. It’s safe to say that the lives of some Sony executives changed forever.
The Next Big Thing: Ransomware
Ransomware is a subset of cyberterrorism: it refers to software that takes control of a computer and holds the data hostage until its owner pays a ransom. Ransomware typically spreads through fake emails designed to look like legitimate business email. The files are then infected and can only be accessed if payment is made through a third party (MoneyPak, Bitcoin). In many cases, victims have claimed that even when they paid the ransom fee, they still did not receive the “promised decryption key” to unlock their data and get their files back.
Zscaler ThreatLab said that “ransomware is one of the most popular malware threats this year, and claims infection rates have increased 700%” (Ransomware: City of Detroit didn’t pay, NetworkWorld.com).
The security firm McAfee is warning small businesses that their social media platforms will be swarming with ransomware attacks. An accidental click on an ad can leave victims powerless to access their data. A pop-up screen warns the user that the only way to access their data is to pay an “extortion fee.”
McAfee warns that ransomware roadblocks will be “ubiquitous” on social media because for one thing, the ransomware booby-traps are automated. Yep. Automated. There is no weirdo sitting behind a computer screen laughing muhahaha!
Cyber Extortion: Send me Money, and You Can Have Your Data Back (Maybe)
The City of Detroit
Did you hear about the City of Detroit and its ransomware event? This occurred in April 2014, but Mayor Duggan unveiled this information publicly at the Michigan Digital Government Summit in September 2014. According to Mayor Mike Duggan, Detroit’s entire database was encrypted – frozen – and held for a ransom of 2,000 bitcoins (worth approximately $800,000). Duggan didn’t give in to the cybercriminals because “the database wasn’t needed by the city.” So, hackers logged off that day, empty-handed. At the Summit, Mayor Duggan stated, “it was a good warning sign for us.” What’s more, this attack was just one of “several examples” that reflected “the city’s lack of updated technology and security” (Duggan: Detroit database held for ransom, TheDetroitNews.com).
Also closer to home…
We have also heard, first hand, about a prominent S.E. Michigan company falling victim to an extortion plot. The cybercriminal demanded $300 to unlock the company’s servers.
Guess what? The company paid the extortion fee. Since most businesses wouldn’t find $300 an exorbitant amount, the company paid the extortion fee so they could get back to work.
Three hundred dollars doesn’t seem that bad for a robbery, right?
That’s exactly what the cybercriminal is betting on.
And that’s exactly why you and I need to be concerned about our data. It’s not so black and white. It’s not easy to say “too bad, cybercriminal, I don’t need my data anyway.” Well, we do need our data.
Tennessee Sheriff’s Office
In 2014, a Sheriff’s Office in Tennessee was the target of a ransomware scheme. It happened so innocently, too. An employee had been streaming a radio station, and by mistake, clicked on a rotating ad that was infected with CryptoWall, a particular ransomware virus. CryptoWall stole 72,000 confidential files pertaining to police investigations. These were all vital police files – crime scene photos, witness statements, and crime reports. The Sheriff’s Office worked with the Tennessee Bureau of Investigation and the FBI. However, the Sheriff’s Department did something that “the experts say never to do.” The Sheriff’s Office paid the $500 ransom in the form of Bitcoin because it was “the best way” to retain this sensitive data. The Sheriff’s Office was between a rock and a hard place. Paying off the criminals seemed easier than letting sensitive and, in many cases, disturbing information get out that could negatively impact trials, victims and their families (Tenn. Sheriff pays ransom, CBSnews.com).
Swiss Bank BCGE
Have you heard about the hacking of BCGE (Banque Cantonale de Geneve)? The Swiss Bank of Geneva provides diversified and high-quality banking services to private and institutional customers all over the world. A hacking group known as Rex Mundi went after BCGE, believing they had the perfect, vulnerable victim. Rex Mundi hackers claimed they had downloaded over 30,000 private emails and other “interesting data” on Swiss and foreign bank customers. The extortion fine was 10,000 Euros (approximately $12,000 USD). For a bank of this stature, this extortion fee is next to nothing. The bank had little time to hand over the Euros or humiliate itself and its customers by allowing Rex Mundi to leak private information (Hackers dump, NetworkWorld.com).
Despite the highly private nature of this business, BCGE did not give in to the cybercriminals. The bank said that they would rather take “the path of transparency.”
Therein lies the evil yet savvy intelligence of Rex Mundi – extort data at “small amounts.” Bloomberg reported that Rex Mundi pompously tweeted, “It is easier to get 10 companies to pay 10K than to get 1 company to pay 100K.”
Are cybercriminals developing retail qualities like Target and Walmart, where you can Save Money and Live Better by just giving in to the cybercriminal’s seemingly bargain demands? Does everyone get what they want?
How much is your data worth to you?
Since the majority of us pay our bills online, use our bank accounts online, use credit cards, have dozens of active and inactive login credentials to web sites, as well as store our photographs on an array of social networking sites, we are all at risk – well, to be more specific – our data is at risk.
How can you avoid Ransomware Viruses? (Thanks to TheGuardian.com)
- Regularly update your operating system and security software.
- Invest in anti-virus tools, including Cryptolocker prevention kits.
- Don’t open attachments from unknown sources – period!
- Regularly back up important data and keep it within unconnected storage.
- Consider moving more data to cloud services offered by Google and others.
- Use software to identify if a computer is infected. If so, disconnect it from networks immediately and seek professional advice.
- If you believe you have been compromised, change online account passwords and network passwords after removing the system from the network.
- Block .exe files over email, including within ZIP files. This can usually be done using an anti-spam system.
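The last item in the list, blocking .exe files including those inside ZIP files, is sketched below as an added example; it is not taken from the Guardian list or from any anti-spam product. The nesting and size limits, the function names and the sample message are assumptions made for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

BLOCKED_EXT = (".exe",)  # the list names .exe; extending it is a local policy choice
MAX_DEPTH, MAX_MEMBER = 3, 50_000_000  # assumed nesting and declared-size limits

def zip_hits(data, prefix, depth=0):
    """Return blocked member paths inside a ZIP, following nested ZIPs."""
    hits = []
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
        for info in zf.infolist():
            path = f"{prefix}!{info.filename}"
            lower = info.filename.lower()
            if lower.endswith(BLOCKED_EXT):
                hits.append(path)
            elif lower.endswith(".zip"):
                if depth >= MAX_DEPTH or info.file_size > MAX_MEMBER:
                    hits.append(path + " (nesting or size limit)")
                else:
                    hits.extend(zip_hits(zf.read(info), path, depth + 1))
    except (zipfile.BadZipFile, RuntimeError, NotImplementedError):
        hits.append(prefix + " (unreadable or encrypted archive)")  # fail closed
    return hits

def scan_message(raw):
    """Return blocked attachment paths found in one raw e-mail message."""
    hits = []
    for part in message_from_bytes(raw, policy=policy.default).walk():
        name = (part.get_filename() or "").lower()
        body = part.get_payload(decode=True) or b""
        if name.endswith(BLOCKED_EXT):
            hits.append(name)
        elif name.endswith(".zip") or body[:4] == b"PK\x03\x04":
            hits.extend(zip_hits(body, name or "unnamed"))
    return hits

def build_sample():
    # Constructed message: scan.zip holds docs.zip, which holds an .exe-named file.
    inner, outer = io.BytesIO(), io.BytesIO()
    with zipfile.ZipFile(inner, "w") as z:
        z.writestr("Invoice.PDF.exe", b"placeholder text, not a program")
    with zipfile.ZipFile(outer, "w") as z:
        z.writestr("docs.zip", inner.getvalue())
    msg = EmailMessage()
    msg.set_content("See attached (constructed sample).")
    msg.add_attachment(outer.getvalue(), maintype="application",
                       subtype="zip", filename="scan.zip")
    return msg.as_bytes()
```

A mail gateway would quarantine any message for which `scan_message` returns a non-empty list; archives that cannot be opened are reported rather than passed through.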
If you’re a business owner, read this article by Forbes on preventing cybercrime:
Cybersecurity has been dominating the headlines for years now. Stories of cyberattacks, data breaches, and extortionist activities are becoming unnervingly commonplace. Anyone at any time can become a target for cybercrime. A global bank… big and small companies… and yes, you and me.
What could be even scarier is that we are becoming jaded to these stories because we hear about them constantly. The ubiquitous accounts of cyberattacks can create a sense of apathy; we may think that the issue is far too big for us to do anything, which ironically leaves our data incredibly vulnerable.
According to the U.S. Federal Bureau of Investigation, cyberterrorism is any “premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence.
Bitcoin is a new currency that was created in 2009 by an unknown person using the alias Satoshi Nakamoto. Transactions are made with no middle men – meaning, no banks. There are no transaction fees and no need to give your real name. Bitcoins are stored in a “digital wallet,” which exists either in the cloud or on a user’s computer. The wallet is a kind of virtual bank account that allows users to send or receive bitcoins, pay for goods or save their money. Unlike bank accounts, bitcoin wallets are not insured by the FDIC. Source: CNN.com/money
Ransomware is a kind of malware (malicious software) that criminals install on your computer so they can lock it from a remote location. Ransomware generates a pop-up window, webpage, or email warning from what looks like an official authority. It explains that your computer has been locked because of possible illegal activities on it and demands payment before you can access your files and programs again. Source: Microsoft.com