Like what you've read?

On Line Opinion is the only Australian site where you get all sides of the story. We don't
charge, but we need your support. Here�s how you can help.

  • Advertise

    We have a monthly audience of 70,000 and advertising packages from $200 a month.

  • Volunteer

    We always need commissioning editors and sub-editors.

  • Contribute

    Got something to say? Submit an essay.


 The National Forum   Donate   Your Account   On Line Opinion   Forum   Blogs   Polling   About   
On Line Opinion logo ON LINE OPINION - Australia's e-journal of social and political debate

Subscribe!
Subscribe





On Line Opinion is a not-for-profit publication and relies on the generosity of its sponsors, editors and contributors. If you would like to help, contact us.
___________

Syndicate
RSS/XML


RSS 2.0

How to stop ransomware

By David Balaban - posted Wednesday, 16 March 2016


Cyber extortion by means of ransomware or DDoS attacks has grown tremendously over the course of just several months. Black hat hackers now utilize encryption technologies to monetize their viruses. Criminals found that stealing data is not as profitable as encrypting it. They infect computers, lock all files and ask for ransoms to be paid in digital moneylikeBitcoin. Security experts say ransom Trojans cipher files so strongly that they can only be decrypted with the help of secret keys that the perpetrators possess.

The offenders target all of us: individuals, non-government organizations, businesses, governments. They calculate the ransom sum depending on the target. Individuals usually have to submit 400 USD, while organizations like the recently compromised Hollywood hospital are forced to pay much more. Victims have two choices – lose data or pay. In most cases they end up paying to criminals, and this gives a boost to the cyber extortion market.

Hospitals, critical infrastructure entities, and police departments are very vulnerable. Files on their computers are precious. From the purely economic perspective, it is many times cheaper for organizations to pay hackers once in a while than prevent ransomware by investing in cybersecurity. Even the FBI people suggest to pay. The FBI is pretty much helpless at this point. The encryption is strong, and the cybercriminals are all oversees, usually in Eastern Europe and Russia.

Advertisement

Abandoned by law enforcement and security experts, the ransomware business is becoming a serious threat. A single virus called Cryptowall reportedly earned its operators more than 325 million dollars in ransoms. Meanwhile, people's lives are in danger when surgeries get postponed in hospitals paralyzed by these plagues.

Cyber extortion should be made unprofitable to stop this epidemic. Victims should stop paying. This can be done by improving legislation and policies. Paying ransoms should be treated as funding criminals/terrorism and therefore considered illegal.

Pros of making ransom payments illegal:

Psychologically, knowing that something is illegal is a big restraining factor.

Economically, huge fines can be imposed for paying ransoms. This will raise the cost to a whole new level, much higher than criminals demand. From the economic point of view, using security solutions and introducing security training - which is not cheap - will still be cheaper and cost-effective.

Potential victims will take their security posture more seriously, protecting their own and, more importantly, their clients' data.

Advertisement

A poll proved people support more the initiative to make ransom payments illegal. And yet, there are still a lot of people who object, so, actually it's a serious question.

Paying ransoms is already illegal in many countries.

  • Easy money will push more criminals to engage in ransomware activities, causing a snowball effect and more attacks.
  • Ransom demands are growing. Criminals ask for millions already.
  • By quickly agreeing to pay you just prove you are an easy target and can be infected again.
  • By paying you simply get your files back. Even if you remove the virus you cannot be sure there is no backdoor left. Remediation is not cheap for businesses; they still have to rebuild the whole network from scratch to make sure all is clear.
  • A real-world example: terrorists clearly figured out which governments pay ransoms for their citizens. Of about 53 hostages taken by al-Qaeda and its affiliates from 2009 to 2014 most were Europeans, while only 3 were Americans. This might be seen as evidence that the logic behind America's policy of not paying is sound.

Cons:

  • Making it illegal is criminalizing the victim.
  • In some cases, paying the ransom is the only hope the victim has of getting their data back. And there can be incidents when lives depend on data.
  • It's difficult to enforce any ad-hoc laws because it's problematic to prove that money was ever paid out.
  • Victims' sole goal is to just recover their files rather than support criminals.

Other proposals on stopping ransomware:

  1. All ransomware incidents should be reported to the Internet crime complaint institutions for further investigation. Ransomware attacks are growing, having all the official stats, crime complaint institutions may also facilitate the introduction of proper legislation to address the extortion vector of cybercrime.
  2. Extradition agreements should be expanded and more countries involved. Since the criminal rings behind most ransomware scams operate from Russia and a number of other Eastern European countries, they stay on the loose due to imperfections of local law enforcement. The fear of being apprehended for cyber felony and handed over to the jurisdiction of another state should make the scoundrels think twice before pulling off another attack.
  3. ISO standards could be toughened in terms of cybersecurity training and backup implementation. Offsite backups can significantly mitigate the damage from ransomware assaults. Furthermore, most of these Trojans propagate via social engineering based on malicious email attachments, therefore, personnel training on some typical malware injection scenarios should reduce the overall ransomware success rate.
  4. Digital money exchange companies should be certified and transparent. Crypto malware operators cover their tracks by taking advantage of Bitcoin system's anonymity. Allowing law enforcement to monitor ransomware-related payments could help find and arrest the extortionists. On the other hand, anonymity is Bitcoin's main virtue for law-abiding people, so this is still a very controversial issue.
  5. Put the most important information on paper. Any electronic data is vulnerable. Paper worked for centuries and can help in many cases. You cannot steal twenty million records without several trucks.

If the proposal to criminalize ransom payments is taken, the law should be equal for all. For instance, police departments should not pay either, which is not the case at this point. Surveillance authorities collecting our data should be punished the most. They mine immense amounts of citizens' data, and they insist they need more of it but fail to keep it appropriately while facing no real accountability.

Policymakers should adapt to the present-day cybercrime realm. The security industry and law enforcement proved to be completely helpless in face of ransomware. Not only have authorities failed to stop this threat, but ransomware just grows exponentially. At this point, there are hardly any obstacles to the progress of file-encrypting malware.

  1. Pages:
  2. 1
  3. 2
  4. All


Discuss in our Forums

See what other readers are saying about this article!

Click here to read & post comments.

9 posts so far.

Share this:
reddit this reddit thisbookmark with del.icio.us Del.icio.usdigg thisseed newsvineSeed NewsvineStumbleUpon StumbleUponsubmit to propellerkwoff it

About the Author

David Balaban is a computer security researcher with over 10 years of experience in malware analysis and antivirus software evaluation. David runs the Privacy-PC.com project.

Other articles by this Author

All articles by David Balaban

Creative Commons LicenseThis work is licensed under a Creative Commons License.

Article Tools
Comment 9 comments
Print Printable version
Subscribe Subscribe
Email Email a friend
Advertisement

About Us Search Discuss Feedback Legals Privacy