Have you ever imagined why the cyber-attack technique called Ransomware is so powerful and popular? The surge of this attack has been devastating, causing lots of companies’ massive monetary and data losses.
Many developed nations where technology is predominantly used for everything are making frantic effort to avert imminent attacks. Yes, imminent attacks, because there would always be attacks. It is therefore imperative for developing nations like Nigeria where Ransomware attacks are still peripheral to take a different approach towards this surge.
Frankly, there are still some Nigerian firms that have not started paying critical and cautious attention to cyber-attacks. And the recent Petya and Wannacry Ransomware attacks served as a wakeup call for some companies as well. These attacks, especially the Wannacry massively heightened the popularity of Ransomware, despite being in existence for over two decades.
Petya, for instance, is simply one of the newest Ransomware techniques developed by hackers; it came into existence in 2016. Although, some analysts from Symantec, a software security American firm argue that Petya is slightly different from Ransomware. But I agree because Petya can overwrite and encrypt a Master Boot Record (MBR). It doesn’t just encrypt your data.
Master Boot Record (MBR) according to Wikipedia is a special type of boot sector at the very beginning of partitioned computer mass storage devices like fixed disks or removable drives intended for use with IBM PC-compatible systems and beyond.
Although Kaspersky Lab takes a different view, its preliminary findings suggest that it is not a variant of Petya Ransomware as publically reported, but a new Ransomware that has not been seen before. “Our analysts are investigating the new wave of ransomware attacks targeting organizations across the world. That is why we have named it NotPetya,” Kaspersky Lab said on Twitter, 27th June 2017.
Another form of Ransomware that was took every firm at their feet is the WannaCry. The last WannaCry attack which would have struck Nigeria severely if not for rapid intervention by technology industry stakeholders in Nigeria. At least, they were able to organize massive awareness and enlightenment campaign, taking proactive measures to deal with any reported incident promptly.
“Ransomware attacks are surging because attackers have perfected their techniques while enterprises in all sectors have failed to address critical security shortcomings, says Raimund Genes, Chief Technology Officer at Trend Micro.
“It’s the rise of anonymous money transfer services using TOR, bitcoin and other means that the bad guys have perfected. Anonymous stuff today like Ukash, Bitcoin, iTunes gift cards and the dark web make it very difficult to trace the attacker.”
Apparently, security experts have emphasized that most organizations are paying leap service to cyber security. That is why the vulnerability rate to cyber attack is usually on the increase, in a geometric progression if you ask me.
“Companies spent so much time and effort on silver bullets against APT that ransomware seems to have caught them by surprise. Ransomware is a reminder that basic security should not be forgotten.”
Aside from the sensitization programs initiated by Cyber Security Experts Association of Nigeria (CESAN) and others, kudos should also be given to technology firms; fintech and banking industry, they are taking the lead when it comes to protecting data and critical infrastructure in Nigeria.
In synopsis, a typical ransomware attack is when you no longer have access to your computer due to malware that was launched. You probably have clicked on a malicious email that was sent to you, and once you have done that, you are infected. At this point, you can only regain access when you pay a particular amount of money to the attacker.
Historically, in 1989, a biologist from Harvard mailed 20,000 malicious diskettes to attendees of the World Health Organization’s AIDS conference. These malicious disks encrypted the host computer’s file names. In order to regain access, victims were told to physically mail $189 to a post office box in Panama.
Here are some of the reasons why the surge of Ransomware attacks have been made popular.
Ransomware is Easy
Ransomware is not as stringent as you think it is. You don’t need coding skills to launch a ransomware attack to your target. If you are attacked, for instance, you will be the one looking for the attacker; the hacker doesn’t look for you. If it’s the credit card that was stolen, the hacker would be propelled to start looking for someone to buy the credit card.
Further, Ransomware does not need exfiltration of data. The process is much more programmed and streamlined in such a way that it doesn’t exfiltrate information.
“Ransomware was easy to use, low risk and offered a high reward. The return on investment is very high,” says Bart Parys, a security researcher who helps to maintain a list of the growing numbers of types of this kind of malware
Ransomware is Scalable
The truth is that the threat posed by ransomware is incredibly scalable and the defense for it is also scalable. There are enough articles to study the operations, at the same time building defenses based on the behavioral pattern of the operations, not necessarily the specific signature that is used.
Ransomware Relies on Open-Source Software
This is astonishing and has been a major factor that has contributed to the popularity of ransomware. All Open Source Software are ubiquitous and apparently lacks the security apparatus to fight attacks. Although, there is no perfect code either open or not, what is paramount is security conscious.
Open-source software (OSS) has a licensed source code which is made available by the copyright holder providing, change, and allocates the software to anybody for any purpose.
“The trick isn’t to write perfect code, which is impossible, but rather to write and hack code in such a way that vulnerabilities get weeded out fast. This is one reason open source has proven to be so popular: more secure or not, it offers easier access to discover and fix bugs,” says Matt Asay, veteran technology columnist.
Let’s keep fighting ransomware.