Story image

Ransomware: Key insights from infosec experts

07 Feb 2017

Pause for a minute. 2017 has arrived before we even realised it was coming. And it’s brought with it an army of new buzzwords, fresh security threats and an even more switched-on world than 2016.

Before we entangle ourselves in everything digital that this year has to offer, it’s important to heed expert advice.

Take ransomware. What does it really entail? Does it even matter – will it ever actually affect you? It’ll vanish as quickly as it appeared, right?

Wrong. One thing’s for sure: ransomware isn’t going anywhere. As recently reported; cybercrime has wriggled its way into 21st century life, wreaking a trail of havoc as it goes.

And it’s growing.

Ransomware is attacking our hospitals; our libraries, and our financial institutions. It’s attacking our trendy new connected cars. As ESET’s Stephen Cobb envisions, what if it sets its sights on Internet of Things (IoT) devices?

Fortunately, the experts are on our side. Here, we’ve rounded up key advice and insight they have provided within the last year.

RoT: Ransomware of Things Stephen Cobb, senior security researcher at ESET

Golden rule: Don’t put anything on the internet you wouldn’t want your mother to see.

Cobb warns of the impact of a yet unknown concept. His concern is that “malicious software that seeks to take control of a device” – or “jackware”, as he calls it – may infiltrate 2017.

During midwinter in 2016 in Finland, where temperatures were below freezing, cybercriminals were able to take control and halt the heating of two buildings during a distributed denial of service attack. Could these attacks become commonplace as the IoT continues to flourish?

Cobb believes there needs to be a collective international effort made, on both a technical and political level, to stop the IoT giving way to the RoT. “Traditional security techniques like filtering, encrypting, and authenticating can consume costly processing power and bandwidth,” he points out. “There has been a collective international failure to prevent a thriving criminal infrastructure evolving in cyberspace.”

The good news is we’re not falling for anything we’re not sure about. Cobb cites a report from a survey showing that more than 40% of American adults remain unconvinced that IoT devices are safe.

He questions: “Could the combination of consumer sentiment and government guidance lead companies to make the IoT more resistant to abuse?”

Ransomware: should you pay up? David Harley, senior research fellow at ESET

Golden rule: Scepticism is a survival trait: don’t assume that anything you read online is gospel truth, even in this adage.

To pay (cybercriminals demanding a bitcoin ransom), or not to pay, that is the question.

Such is the current state of the modern world.

On the morality of paying a ransom to cybercriminals who’ve attacked your system and encrypted your data, there’s a multitude of opinions around. “There’s an undeniable argument that if you give in and pay the ransom, you’ve directly contributed to the wellbeing of criminality,” concedes David Harley. “And there’s unlikely to be a money-back guarantee.”

However, he recognises that often it’s not that straightforward: “In many cases, it’s cheaper to pay up than lose the data … Maybe the damage is so severe that you go out of business. You can’t blame companies if they decide to pay up rather than commit financial suicide.

“It might be seen as being more responsible to pay up rather than destroy the livelihoods of all staff.”

His own personal advice is that “prevention (and backup) is worth a ton of Bitcoins”.

Whatever your stance on the issue, the solution remains to follow the advice of experts such as Harley himself, and Lysa Myers.

What can you do about ransomware? ​Lysa Myers, security researcher at ESET

Golden rule: An ounce of prevention is worth a pound of cure.

“If you have properly prepared your system,” says Myers, “[ransomware] is really nothing more than a nuisance.”

We have selected five precautions she advises taking, by means of the aforementioned prevention.

  • Back up your data – on an external drive that is disconnected from your devices and network when not in use. This is the single most important thing you can do.
  • Keep your software up to date. Use reputable software repositories for both anti-malware software and a software firewall.
  • Disable macros in Microsoft Office files. By doing so, you deactivate the use of the scripting language used by malware.
  • Display hidden file extensions – and look for double extensions. Windows and OSX hide known file extensions. Malware takes advantage of this.
  • Filter EXE files in email; and disable RDP and files running from AppData / LocalAppData folders. Behaviour used by ransomware often manifests itself in the above.

Ransomware “can be extremely scary”, but it can be tackled with education and awareness. Myers ends on a positive note: “If anything good can come out of this ransomware trend, it is an understanding of the importance of performing regular, frequent backups to protect our valuable data.”

Article by Welivesecurity/ESET.

Unencrypted Gearbest database leaves over 1.5mil shoppers’ records exposed
Depending on the countries and information requirements, the data could give hackers access to online government portals, banking apps, and health insurance records.
Mozilla launches Firefox Send, an encrypted file transfer service
Mozille Firefox has launched a free encrypted file transfer service that allows people to securely share files from any web browser – not just Firefox.
VoiP new-comer upgraded and ready to take on NZ
UFONE is an Auckland-based VoIP provider that has just completed a massive upgrade of its back-end and is ready to take on the market.
Online attackers abusing Kiwis' generosity in wake of Chch tragedy
It doesn’t take some people long to abuse people’s kindness and generosity in a time of mourning.
Apple launches revamped iPad Air & iPad mini
Apple loves tinkering with its existing product lines and coming up with new ways to make things more powerful – and both the iPad Air and iPad mini seem to be no exception.
IntegrationWorks continues expansion with new Brisbane office
The company’s new office space at the Riverside Centre overlooks the Brisbane River and Storey Bridge.
Emerging tech helps savvy SMB’s succeed
A CompTIA report shows SMBs are taking on the challenge of emerging technologies to reach their business goals.
Tech community rocked by deaths of Atta Elayyan and Syed Jahandad Ali
Both men were among the 50 killed in the shooting in Christchurch last Friday when a gunman opened fire at two mosques.