Imagine turning on your laptop one day, only to be greeted by a bright, red screen with a warning message: "Your personal files are encrypted! ... The private key will be destroyed in 72 hours."
What would you do?
Cyber-ransom is a relatively new crime on America's digital shores and it is spreading fast. In just the last year, the number of "ransomware" attacks has escalated globally, with one antivirus firm reporting in May that Internet users visited ransomware-infected sites 18 million times in a single six-week period! While ransomware has actually been around for almost 10 years, until now, it's mostly been limited to Russia and parts of Europe. But this all changed with CryptoLocker, one of the most dangerous types of ransomware that has ever been developed.
Ransomware is dangerous because it infects your computer and then encrypts all of your locally stored personal files (photos, documents, movies, music, etc.) behind a virtually unbreakable wall of encryption. The victim must pay a hefty fee to the hackers to get the files back. The FBI recently conducted a major global crackdown on the servers that were being used to host and spread CryptoLocker; however, the malware is still available for sale in the digital black market -- and many other types of ransomware, new and old, are also being regularly bought and sold by cyber-criminals.
But the cyber-ransom industry is bigger than just a few crypto trojans. It's becoming a major source of revenue and lulz for hackers around the world, most of whom are now targeting American consumers.
Here are five types of cyber-ransom attacks that could target you in the next year:
- Ransomware - The most common attack; involves the use of ransomware to infect a person's computer or mobile device, encrypt all of their locally stored personal files and force the victim to pay a fee to unlock them. Examples include CryptoLocker, CryptoDefense, CryptoWall, and CryptorBit. Others, like WinLocker, will insert a pop-up window over the victim's screen, which won't go away until a ransom is paid.
How to Stay Safe: In most cases, infection is via phishing emails or by drive-by download attacks. Even if you're careful about using email, you could still get infected if you visit a website that has been instructed to deliver the drive-by attack automatically through your browser. If you're hit by a less sophisticated type of ransomware, you may be able to remove it, but be forewarned: these "easier-to-remove" variants are going out of style fast. The best advice is to back up your important files to avoid losing them in an attack, keep your antivirus updated, don't open suspicious emails/attachments, and use a script-blocking plug-in like NoScript or NotScripts to prevent drive-by downloads online.
- Hijacked Accounts - In a recent study by Google and Carnegie Mellon University, researchers found that between 15.6 percent and 30 percent of consumers have fallen victim to account takeovers. A 2012 study by Pew Research found 21 percent had compromised accounts. This should make it apparent how easy it is for a hacker to crack weak passwords and access online accounts. Account takeovers can be serious, particularly if they involve any financial or credit card-linked accounts. Hackers can also target accounts that users may not fully protect like Facebook, Twitter and LinkedIn. With cloud services like Dropbox, Google Play and iCloud, attackers may threaten to erase or publicly release files stored in these accounts unless they're paid off -- and they can go even further by "bricking" iOS devices as was recently reported by victims in California and Australia.
How to Stay Safe: Hackers have many tools at their disposal that can attempt "dictionary," "brute force," or "rainbow table" attacks that make cracking a weak password a piece of cake. You should change your passwords periodically and consider using a password manager tool (which keeps them encrypted) like LastPass or PasswordSafe. Create a long (10 digits or more) password comprised of lowercase and uppercase letters, numbers and special symbols ($%*), and don't use the same password for more than one account.
- Sextortion - Last year, Miss Teen USA Cassidy Wolf became one of the nation's most high-profile cases of "sextortion," an increasingly common crime in which a hacker steals a person's photos or videos (usually by hacking a computer, phone or webcam) and then demands some form of payment not to distribute them online. There are several different ways individuals can lose their private images to a hacker: an ex-partner can send shared images to a third party; the victim can be enticed or threatened into sharing them; the hacker can hijack an online account that stores these sensitive images; or the victim's computer or mobile device can be infected by a Remote Access Trojan (RAT) that allows the attacker inside access. RATs allow the hacker to remotely enable the victim's webcam to clandestinely capture images of them.
How to Stay Safe: The best advice is also the simplest: don't take pictures you don't want others to see. There's no 100-percent foolproof way to protect a sensitive or embarrassing photo -- so don't take it in the first place! When storing any sensitive material, make sure it is encrypted so, if it is stolen, the hacker will have to work even harder to attempt to access it.
- Denial-of-Service - A growing number of businesses are now being targeted by hackers in what is known as DoS/DDoS extortion. With this scam, a business's website is hit with a massive denial-of-service attack (hackers flood the site with data requests, overwhelming the site's legitimate functions) which forces the site to eventually shut down for an indeterminate period of time. Hackers then demand a ransom payment in order to stop the attack and allow the company to resume its normal operations. Recently, several well-known companies, such as Feedly, Evernote and Code Spaces, have been hit with this type of attack -- the last of which was forced out of business. DDoS attacks are almost impossible to prevent, but they can be mitigated if the company has the right technology, IT expertise and processes in place to manage them. Unfortunately, most don't. While this type of attack is primarily aimed at businesses, it may also have a significant impact on consumers. In addition to blocking consumers from accessing online accounts and services, DDoS attacks can also be used to obscure data theft, which means consumer information may also be potentially at risk.
- Corporate Extortion - More and more businesses are also being targeted with corporate extortion scams -- like the recent case with Domino's in Europe. This type of attack can be carried out in several ways. One approach is to send a ransom letter threatening businesses with negative online reviews, complaints to the Better Business Bureau, harassing telephone calls, or fraudulent delivery orders. Another variation on this attack is where hackers breach a company's network and get access to sensitive data -- usually on customers (such as credit cards, social security numbers, email addresses, etc.). The hackers then threaten to publicly release or sell the data unless the company coughs up a ransom payment. In some cases, they may ask for a specific currency or even bitcoin. Making matters worse, some hackers are now also targeting medical facilities to steal patients' electronic medical records, such as a recent incident at a UK cosmetic surgery clinic or the 2012 hack at an Illinois medical practice. Some thieves may also try to extort consumers directly.
Don't make the mistake of thinking that a cyber-ransom scam won't happen to you. Criminals around the world are now focusing more on U.S. consumers -- and many of these attacks can be difficult for the average person to spot ahead of time. This is why it's so important for you to start preparing now.
Consider taking the following steps to protect yourself:
- Back up all of your important, personal data
- Be smart about how you use passwords
- Don't store any embarrassing photos of yourself online or on your mobile devices
- Use script-blocking plugins, updated antivirus, and common sense when surfing the web
- Invest a small amount of money in a separate laptop to be used exclusively for online banking (You can buy a Google Chromebook for as little as $199.00)
Follow Michael Gregg on Twitter: www.twitter.com/TheSolutionFirm