It's logical for attackers to go where the money is

Feb 14, 2017 16:04 GMT  ·  By

Ransomware is becoming one of the most widespread means of cyber attack, and as the technique evolves, the attacks are becoming more and more directed towards more lucrative industries, such as healthcare, critical infrastructure, education, small businesses, government, and so on.

While attacking regular people can be quite easy, it seems hackers have figured out that going after bigger fish is way more advantageous. According to a study released by phishing defense company PhishLabs, phishing volume grew by about 33% across the five industries mentioned above.

Phishing is, as you know, the most used technique to get into people’s computers, encrypt files and hold them ransom. Simply making someone click on the wrong link and downloading a file can put their entire organization in peril. The malware locks all the files and makes the victims pay for a decryption key. On most occasions, the key comes, but on others, hackers will just leave the files encrypted and never respond. There’s also the darker alternative where the data gets destroyed.

“Ransomware allows attackers to effectively utilize one configuration for all targeted users. It also allows for instant monetization - there are no credentials to sell, no fraudulent transactions to initiate, and no further social engineering is required,” the report reads.

Ransomware has had a high infection rate, but a low rate of success. That’s because, depending on the malware used, you can find decryption keys online that can do the job for free.

Payments are usually demanded in Bitcoin in order to keep up the anonymity shroud in place. This often makes perpetrators impossible to track.

A thriving business

As mentioned, there’s no surprise that ransomware has made a move towards industries, businesses and so on, but it’s more worrying. This time around, the records of thousands upon thousands of people are at risk, as well as critical files, which makes the situation that much more complicated. One hospital, for instance, paid to get back EMRs, X-Ray, and CT scans, while one hotel admitted to paying ransoms several times to unlock the room doors which used keycards.

The future doesn’t look too bright. According to PhishLabs, a large percentage of ransomware targets use Windows, although other platforms are also becoming targets. Therefore, as time passes, more and more attacks will feature malware created for OS X, Linux, mobile platforms and server operating systems. The Internet of Things isn’t safe either, especially given the low security implemented in these devices.

The best way to fight these attacks is to be vigilant. Don’t follow links you receive via email or texts from addresses and numbers you don’t know and even from those you know, be vigilant. Don’t put your data into pages you opened via such links, but open your own, regardless what service you want to log onto. Don’t allow Office macros to run and don’t open suspicious files.