Smarter technology means smarter criminals. With technology adding more conveniences for cybercriminals, ransomware, a type of cyrptoware that demands a ransom be paid before releasing the victim’s documents, is making a scary comeback. Thanks to a new “ransomware-as-a-service” tool recently discovered by McAfee, cybercriminals who lack the know-how to successfully hack victims can now achieve their goals with easy-to-deploy kits.
The tool, called “Tox,” allows cybercriminals to register for free, then create their cryptoware in three simple steps by entering the requested ransom amount, entering a “cause” and submitting a captcha. In exchange for providing the tool, Tox collects 20% of the ransom money.
After the virus is deployed, it encrypts the victim’s data and prompts them to pay the requested ransom amount via bitcoin. The anonymity, convenience and availability of online payment systems like Bitcoins, WebMoney, and greendot have made it easier for online criminals to collect on ransoms payment without being caught.
“We don’t expect Tox to be the last malware to embrace this model. We also anticipate more skilled development and variations in encryption and evasion techniques,” Jim Walter, the Director of Advanced Threat Research for Intel Security, said of the threat.
Ransomware stood out as one of the most common forms of malware in 2014. And with the emergence of this build-your-own-ransomware model, these threats don’t show signs of slowing.
Who’s at risk?
Anyone can fall victim to a ransomware virus. All it takes is one wrong click.
Typical targets for cybercriminals are those with the most to lose. This means big companies and companies with highly sensitive information should be on the lookout. However, smaller companies and even individuals can become ransomware targets.
There are a few ways you could fall victim to ransomware. It often disguises itself via fake emails offering updates to operating systems and other software. However, it can also take advantage of the vulnerabilities in your web browser or plugins when you access an infected site containing malicious scripts.
These threats are often disguised as:
- An extension of browser plugin (usually a toolbar)
- A multimedia codec (ie: MP3, WMA, RealAudio) needed to play a certain video clip
- Software shared on peer-to-peer networks
- Or even a malware scanning service
How to protect your data
There are a few ways to avoid becoming a ransomware victim, and a few preparations you can make to minimize the damage, should you ever fall victim.
Knowing what to click and what to avoid clicking helps. Be wary of emails or pop-ups suggesting software downloads. If you think it’s time for a software upgrade or video player update but are wary of the link/email, your best bet is to close out of the message, open a new window, and visit the website directly so you’re not redirected to a malicious link.
While you may not be able to fully ensure your company’s data won’t be encrypted and held hostage from you, you can ensure that you’ll get it back without complying with the criminal’s demands.
The way around paying out?: Backup your data. Online backup creates a complete copy of your data and updates the backup continuously, so that all of your most recent changes are recorded. But if your data is encrypted, your backup will be encrypted too right? Wrong. Cloud backup gives you the power to access previous file versions. If your data is ever encrypted by the bad guys, just format your drive and restore your most recent (uninfected) backup.
Just like that, you’ll get your data back without having to sacrifice your cash to the hands of cyber criminals!
Ransomware-as-a-service may not be the most pleasant news you’ve heard all week, but the good news is you can outsmart the criminals. Protect your organization from cyber extortion — sign up for a free trial of cloud backup today.
