Times of Oman
Oman technology: Your money or your data
August 14, 2016 | 4:53 PM
by Syed Haitham Hasan
Ransomware
 
Sharelines

So one fine morning you power your PC and get a message saying your files are being held for ransom. Pay and release your PC. Access to files blocked with no control over the computer and there is a message demanding payment. Welcome the multimillion dollar malware, Ransomware, which holds personal devices to ransom.

You have got it right, there was kidnapping, dog napping and now the high tech world has devices held for ransom. Where conventional kidnappers have risked law enforcement by physically kidnapping people and demanding money, this malware is a safer option by criminals looking for a quick buck or speedy thousands.

The means of circulating is an identical approach to most malwares, tricking victims to download malicious content or visit a false website. Ransomware is found on malicious websites and email attachments, most of which are suspicious in the first look itself, however the content it carries is lucrative enough to trick the victim into downloading the attachment or visiting the website. Majority of these fraudulent content includes lottery wins, adult material or a new software download to boost CPU speed. However, it is not limited to only rewarding material, Ransomware can sometimes show up as a Java upgrade or a law enforcement agency demanding a payment for an alleged online crime. Technically speaking, Ransomware installs on a victim’s PC covertly and launches a cryptovirology attack that in turn encrypts the data on the system using a strong encryption algorithm, making it impossible to access. The attacks are executed using a Trojan, which contains the malware, disguised as a legitimate file.

As the system is locked out of the user’s jurisdiction, it displays a message detailing that the PC is held on ransom. The payment is not in any denomination known to an average computer user as there is no currency as Bitcoins. It is a form of digital currency which is under the jurisdiction of no country but produced by people and held electronically on the internet. It is a whole new way of financial transaction on the internet; however the fact of interest in this case is, unlike national currencies Bitcoins are very hard to trace back to source. This gives an attacker a more flexible and safer method of assaulting the victim.

The victim on the other hand, even with a decent knowledge of computer technology, can’t cure the denial of access to their files as doing so would require a decryption key which is in the clutches of the perpetuator.

Several malwares are dangerous and can nearly destroy every piece of data on the computer, however Ransomware relies on fear. The victims lose control over data, which lies on the mercy of the attacker. This data may include important company statistics losing which could be losing their job or embarrassing browsing activity or the data saved into the hard drive for years. Fear makes people do irrational things and capitalising on this, attackers demand the ransom paid, quite successfully. However, a payment does not carry a guaranteed access to the computer or the files as it still depends on the ethical values of the intruder, which should not be very utopian. A series of harassment could occur and is potentially a health risk for most people considering the amount of personal and significant data held on computers lately.

So if one happens to be rational and denies payment, they can report it to authorities and get back their files with the help of an IT security firm? Well the attackers planned for every contingency. Newly discovered variants sport more advanced algorithms and adopted new tactics to squeeze the finances they demand. Jigsaw, a new variant of Ransomware threatens to wipe out data from the hard drive for every hour the payment is delayed, cracking down on the rational minds.

Earlier Ransomware variants can now easily be decrypted and security firms have massive resources to counter the threat. The problem however persists as dealing with Ransomware must not be a curative care but a preventive one. Most large security firms offer multilayer defence strategies to counter the threat from it and are mostly successful in keeping it at bay. Even ISPs normally harbour some strong security techniques to prevent such softwares, however, the problem comes when an individual bypasses these security barrier tunnelling them through VPNs to visit malicious websites for whatever personal reason. This permits the Trojan disguised as legitimate content to download the malware. Users also need to beware of e-mail attachment, pirated software, and fake software upgrades. Most of these do not require an IT professional to classify them as malicious; it is quite evident from the type of message, website or the sender.

A million dollar lottery victory is not happening for you especially when you never bought the ticket so get back to work, there is no easy way of making money.

[email protected]


STAY UPDATED
Subscribe to our newsletter and be the first to know all the latest news