Ex-NSA Analyst: Ransomware Hasn’t Gone Anywhere, It’s Still Dangerous
Ransomware broke into the spotlight in 2017, when many major institutions around the world fell victim to the file-locking malware. And while this method of theft has been around almost as long as the internet itself, the rise of Bitcoin has made it extremely popular, giving hackers a way to extort money that is next to impossible to trace.
Ransomware Lives On
Although the news has lightened its coverage on the issue, ransomware continues plaguing institutions in 2018. For example, an attacker used ransomware to take computer systems of Atlanta’s city government hostage. The attacker originally demanded $50,000 USD, but the attack ended up costing the city around $2.7 million, according to a local news outlet.
So how can companies and governments combat this threat? How can authorities track down attackers after they have already made off with the extorted bitcoin?
Bitsonline had a chance to find answers to these questions, sitting down with former NSA chief data scientist Oren Falkowitz.
Falkowitz has a long history of work in the data science field, including his time at the NSA. Currently, Falkowitz works as the CEO of Area 1 Security, a cybersecurity firm dedicated to combating phishing attacks.
The Threat of Ransomware
EF: Can you tell us a little bit about recent ransomware attacks in the US?
OF: All of them most likely started in the same way—a phishing attack that allowed attackers to deliver the malicious ransomware payload into the organization’s computer systems.
EF: Since the massive outbreak in 2017, has there been any evolution in ransomware that makes it more difficult to combat or trace back to the criminals?
OF: No. Attackers are using the same tried and true methods they’ve been using for years. And why not? They work!
EF: Who are the main targets of ransomware, individual or organizations? What role does phishing play in these attacks?
OF: It used to be that high value targets—banks, large corporations, defense systems—were the only ones who were targeted. But these days everyone is a target because information is the new currency and we all run our businesses on computers, so we’re all creating something of value, something we don’t want to lose, every second. B) Attackers know that a local sandwich shop or law firm isn’t going to be as well protected as say, Citibank. But their information is just as valuable to them. So why not attack somewhere the barriers to success are low? And finally, c) Attackers know phishing works. It’s responsible for starting 95% of all attacks, yet the almost none of the cybersecurity solutions available today stop phishing.
EF: Is law enforcement in the US developing any new methods or technologies to make it easier to track down these cybercriminals?
OF: Tracking down cyber crimminals isn’t the problem. It’s stopping them before they can do any damage. Most cybersecurity works like a police force: when a crime has been committed, they show up to gather evidence and solve it. But we need cybersecurity that works like a bodyguard instead. Their job is to prevent the crime in the first place.
EF: What advice do you have for potential ransomware/phishing victims?
OF: Have a backup ready. And make sure it’s secure. In the meantime, consider adding cybersecurity that works preemptively. Because the only way to avoid an attack like this is make sure it doesn’t happen in the first place.
So there you have it. While ransomware itself poses a high-tech threat to governments, businesses and individuals alike, the best defense seems to be heeding age-old advice: use strong passwords, keep them safe and be careful who you give your information to. You never know who wants to hold your data ransom for bitcoin.
Are you worried about ransomware? Let us know in the comments.
Images via Business Insider, Pixabay