Ransomware attacks are elaborate schemes set up by opportunistic intruders to make a quick buck. The general idea is to hold someone else’s data hostage under threat of permanently deleting it. So far the idea is working like a charm. An entire industry of scammers has sprouted up to take advantage of network flaws within vulnerable systems.
The culprits evade law enforcement agencies by hiding behind layers upon layers of security, preferring to take payment only in bitcoin and other forms of cryptocurrency. This makes tracking them down a nightmare for intelligence agencies, which often have other concerns to deal with. The end result? Most ransomware attacks go unsolved, and the origins of the hack remain a mystery.
Ransomware attacks have shown us that traditional security systems can be bypassed through human intervention. The focal point of the attack is no longer the network’s own security protocols, but the unwitting human user operating behind the scenes. The preferred way to deliver malware is through phishing emails that take advantage of human error.
These emails are cleverly worded, although they contain several telltale signs of fraud, such as incorrect grammar and incoherent promises, and they prompt the user to click on the download link. Why hack someone’s security system when all you need to do is ask them to download your payload onto their systems?
Most ransomware attacks operate with this strategy in mind, and for the most part, tech-savvy users are able to tell right away that a certain email could contain potentially harmful packages that could compromise their data.
Users who cannot tell the difference unwittingly download a malware payload onto their systems and let it run silently in the background. Once in the system, the malware viciously locks the user out of their own devices and, if possible, travels through the network to other computers, mimicking a biological virus.
Once the user is locked out of their device, the malware throws open a message alerting them to their latest dilemma: “You either pay a ransom of X bitcoins or lose all your data forever.”
This works because of highly effective encryption that is almost impossible to break. Even the most powerful supercomputers would likely take several decades to find the key to the data, and by then the data will have become obsolete and useless.
Most businesses, even large-scale enterprises such as hospitals across the United States and the NHS in the UK, have fallen prey to such attacks.
One of the most devastating ransomware attacks was WannaCry, also known as Wanna Decryptor. It infected at least 45,000 computers throughout the world, with Russia being the hardest hit. WannaCry and many of its variants used an exploit known as EternalBlue, developed by none other than the NSA to break into Windows security systems.
Once the NSA dumped EternalBlue by making it public in April of last year, a slew of ransomware attacks began unrestrained assaults across 74 countries.
These ransomware attacks are so effective that even FBI agents have recommended that targets pay to get their files back.