Imagine all your computers, tablets and data locked up with an encrypted password. The culprit wants $55,000, paid in bitcoin, to unlock them. Your choice is to pay up or start over.
Sadly, this is 2019’s reality.
It’s called Ransomware and there have been 22 major, Public Sector Ransomware attacks so far in 2019. Ransomware is software that infects computers and encrypts everything it touches. You need an “unlock” encryption key to access anything. Attackers will give you the key in exchange for an amount of money they determine.
Every news organization has reported the big hits: The Cities of Baltimore, Atlanta and Newark, The Cleveland Airport, the Port of San Diego and even Indiana’s Hancock Hospital all encrypted and shut down. Imagine being in critical care and the hospital can’t use any technology.
Who else is at risk? HealthITSecurity.com reports that 71% of the ransomware attacks in 2018 targeted small business. Most private business’s hide the attack and pay the ransom. Logic says attackers are now going after bigger targets that generate more money. However, the facts say ransom activity is spiking as more attackers become equipped.
During a recent 60 minutes report, a Cyber Security consultant demonstrated how he could “contract” ransomware software “as a service” on the dark web. In less than 5 minutes he had downloaded his own version of the software and the company providing the service takes a “cut” of the ransom.
Did you know there is now a web site dedicated solely to finding the unprotected devices on the internet (shodan.io)? Why would any law-abiding citizen want that?
We are in the “Wild West” days of Cyber Crimes. There is money to be made (or stolen) by anyone willing to sign on to their computer. Evil people don’t even need a gun to rob this stagecoach!
The thieves have become honorable. Years ago, when ransoms started, the chances of getting a key that unlocked your data was very low. Now, the crooks have realized that if they are reputable, they can demand higher ransoms. So today, people who pay typically get encryption passwords that unlock everything.
The creators of “Sam Sam” ( a popular ransomware) have been identified and (theoretically) shut down. So have several other big Ransomware distributors. No large ransomware thieves are in jail or being prosecuted by the U.S currently. They live in countries where we cannot extradite them successfully. That means waiting until they travel or move to a country that will allow us to intervene.
How these attacks happen is multi-faceted. The primary source is phishing emails. A phishing email tries to get you to open an attachment or click on a link. The attachment or the link then installs ransomware directly or it downloads it later from Malware it adds to your computer. As Cyber Criminals improve their techniques, they access devices like a wireless speaker that is unprotected on the internet. Most of these contain a user’s email address. They will then identify the unit, browse the music history and craft an personalized email telling you that your specific device will play specific music better with this update….click here (for ransomware)!
The future of these Cyber Crimes is even more disastrous. What if the next time you pick up your phone, it’s encrypted. Open your car door and it plays a ransom message on your stereo. The first case of Senior Citizens becoming victims of a smart health device attack is expected this year. This would be done through a heart monitoring or activity monitoring device that is connected to the internet.
2018 saw the first network router attack. This is every small business and affluent households’ primary risk point. There is a finite number of router brands that everyone uses to access the internet and the internal software is never updated. Black Hat software developers wrote software that attacked only one type of router in 2018. Multiplying the top 10 routers (including apple) is just a matter of time.
Protecting yourself is mostly a logical strategy – Separate yourself from the pack by increasing your security. A few simple changes will decrease your risk by 90% or better. Some of them are simple hardware changes (like a non-traditional, more secure router). Others are software driven and software update related. The most drastic might be an email vendor change (AOL needs to go).
Passwords will always be the keys to our digital kingdoms. There are password solutions for every type of person and security situation that exists. Do not be lulled into complacency if you have never had a problem or if you don’t think you can handle better passwords. We will find a way to make your passwords secure and working for you!
You can’t make an informed decision until you have all the facts. Do you know what 2FA is? We invite you to research all the topics presented here in this article. If you come away with a clear plan, PLEASE implement it successfully.
Tech 4 Life is available for those who want to understand the facts and the solutions painlessly. We have tried and true solutions that we are using ourselves. We need protection just like you do, both professional and personally!
There aren’t any perfect solutions. We believe that pro-active separation from the pack is the best path. Make yourself more difficult to attack than others and this evil will most likely pass you by.