M

Mihir :-)

After many years of data breaches and document leaks capturing the attention of the cybersecurity world, an old hacker trick is back in the spotlight—with a twist. Hackers are intent on making fast cash employing ransomware to extort money from increasingly large organizations, in addition to consumers.

People generally fall victim to ransomware by getting lured into clicking on a link or opening an attachment. Once the malware is installed, it infiltrates a target’s device, encrypts its contents, and demands payment—often via Bitcoin—before decrypting it. Over the past several months, attackers have reportedly used ransomware to extort money from several health care providers across the United States, from MedStar Health in Maryland to Methodist Hospital in Kentucky to the Hollywood Presbyterian Medical Center in California.

Although much remains unknown about the hospital attacks, including whether they are connected to each other and whether any patients were affected, we do know that ransomware attackers are demanding large sums to free corporate computers. Allen Stefanek, chief executive of Hollywood Presbyterian, said the hospital paid 40 Bitcoin (PDF), or nearly $17,000.

“Will we see a million-dollar ransom by the end of the year? Given the companies being targeted, that’s a possibility.” — Tony Robinson, computer security analyst

Like sharks detecting a big meal, ransomware extortionists “smell blood in the water,” says Tony Robinson, a computer threat intelligence analyst who this month published an in-depth history and analysis of ransomware. And they’re increasingly targeting both consumers and large organizations whose systems are vulnerable and yet whose data is valuable. “Enterprise attacks…can get thousands of dollars fairly quickly.” And that’s without even analyzing and selling the data they’ve locked up.

In a report it published this week, security software maker Trend Micro says ransomware authors are testing new psychological scare tactics to get victims to pay faster.

A ransomware variant called Jigsaw displays imagery of Billy the Puppet and the red analog clock from the Saw horror movies to intimidate victims. It also “toys with users by locking and deleting their files incrementally,” Trend Micro researcher Jasen Sumalapao wrote. “They encrypt a few files, and then a few more.”


Read more: Ransomware is 'blood in the water' for hacker extortionists - The Parallax
 
Last edited by a moderator: