Security experts are expecting 2015 to be the year where ransomware and extortionware grows significantly, according to reports.
In its 2015 Threats Prediction Report, McAfee Labs says that this year we will see an increase in the use of cyber espionage and cyber warfare tactics, with analysts predicting an increase in ransomware and extortionware, where users’ files are held to ransom by hacker demanding payment, usually in bitcoin.
Growing threat of ransomware
There have been cases of ransomware like CryptoWall and SynoLocker and in early December, another ransomware reared its head – OphionLocker.
The new ransomware was discovered by Trojan7Maware and uses the same cryptography as used by CTB-Locker. When it infects a system, it uses a Tor2Web URL and gives instructions for sending the payment and obtaining the decryption tool.
Last October, municipal councils in Italy were infected by a ransomware that demanded payment in bitcoin. Also, security firm Damballa released a report last year stating that the Kovter ransomware skyrocketed in no time.
Here is a quick overview of cyber warfare tactics that are expected to make headlines in 2015.
Muleware is different than malware and seeks the participation of users by offering them incentives to become a part of the attack. Until now, cybercriminals achieved their objectives by exploiting the data on our devices. However, paying for the data and turning potential victims into integral parts of the hacker’s supply chain is even more profitable.
Last year we saw hackers using call-forwarding features to bypass the two-factor authentication system used by Google, where the attacker disguised himself as the victim who had been locked out of his account. Some authentication systems ask a number of personal questions to re-authenticate. Others require the user to disclose personal information. But it looks like an irate and persistent customer can get his way no matter what. This is tricky when that customer is a hacker.
Ransomware encrypts your data and demands money in return for the key. If you don’t pay within a stipulated period of time, the attacker will erase your data.
Extortionware is basically an expanded form of ransomware, where the attacker threatens to make your data public. The consequences can be disastrous depending upon the nature of your data.
How to Protect Yourself from Ransomware
- Always use reputanble anti-virus and firewall
- Back up your system every day. If everyday backups are not possible, make sure you do that at least once a week
- Exercise caution and don’t click on suspicious websites or links inside emails
- If infected, shut down the computer and don’t connect to the Internet. This way, your data will not be sent to the hackers’ end. If you already have a backup, you can wipe everything clean from your computer and start afresh
- Alert authorities because ransomware is a serious crime
Remember, do not pay the ransom as it will only encourage the hackers, and they might hit you back after some time.