Mimicking pirates plundering on the high seas, cyber pirates today use malware attacks as a new money-making scheme. Healthcare providers, municipalities, transportation companies, banks, manufacturers, churches and other non-profits worldwide have been hit by attacks demanding a ransom. The malware locks down the computer and mobile devices, or encrypts the files. The files can’t be accessed unless the ransom is paid.
Many times, the ransom note appearing on the victim’s screen has a digital clock ticking down the minutes and seconds from 72 hours. When the timer expires, the ransom demand doubles. If the ransom is not paid after a week the files are deleted forever. The threat should not be taken lightly.
In the WannaCry attack of 2017, cyber criminals exploited a vulnerability in the Windows operating system that allowed the cyber pirate to take over more than 300,000 computers worldwide. Within days of the initial attack, unrelated third-party hackers began altering the malware’s original code to make the virus more difficult to kill. The ransom demand was $300, payable in Bitcoin. Microsoft’s XP operating system, which Microsoft stopped supporting in 2014 but is still widely used around the world, was very vulnerable and was hit particularly hard.
Pay the Ransom?
According to a report published by Sophos, the average cost per ransomware attack to businesses was $133,000 in 2017, although that is changing. Cyber security expert Brian Krebs writes that ransomware attacks are becoming more targeted and the ransom demands more expensive. Many security experts strongly recommend against paying the ransom. They argue that sending money to cyber criminals reinforces bad behavior and proves that ransomware works; they suggest there is no guarantee the decryption key will be sent. Notwithstanding, Trend Micro found the majority of organizations that got infected paid the ransom.
Before paying a ransom, victims should find out if a solution has already been found. Krebs recommends victims visit the “Crypto-Sheriff” page at www.NoMoreRansom.org, a site backed by security firms and cybersecurity organizations in 22 countries. NoMoreRansom claims it saved over 6,000 victims of ransomware more than $2 million in its first six months of operation.
- Install computer and software updates, especially anti-virus software. Update at least weekly.
- Educate employees about safe email practices such as:
- - Don’t click on embedded links unless the true source of the email can be validated.
- - Only open attachments you’re expecting.
- - Scan attached files with antivirus software before opening.
- - Don’t open unsolicited e-mail.
- - If you open spam, don’t click links to unsubscribe unless the sender is a trusted vendor.
- - Never forward messages, which reveal coworkers’ and colleagues’ e-mail addresses.
- - Create a generic e-mail account for newsletter subscriptions.
by Frank Abagnale, former Catch Me If You Can con-artist turned 40+ year FBI consultant