Maximum PC - USA (2022-03)


How to Combat Malware

THESE DAYS, IT SEEMS we’re never far from cybercrime headlines. In the last few years, we’ve
seen large-scale attacks against Ukraine’s power grid, Sony Pictures, the Colonial Pipeline,
JBS S.A. (the world’s largest meat supplier), and South African shipping firm Transnet. Such
attacks often aim to cause damage and disruption, though the aim can sometimes be political.
The Sony Pictures hack is widely believed to have originated from North Korea, with hackers
demanding that the Kim Jong Un-themed comedy The Interview be withdrawn.
Latterly though, hackers are financially motivated—they want their targets to pay a ransom
(usually in cryptocurrency), either to restore access to their systems or avoid sensitive
information being publicized. These are known as ransomware attacks. Ransom demands
can be high too, with the Colonial Pipeline hackers, DarkSide, receiving $10 million (most of
which was later recovered). Thanks to the ease with which fiat currency could be exchanged for
Bitcoin, ransomware attacks launched against home users have proven profitable too.
Internet-facing Windows and Linux servers have long been a target for all kinds of mischief,
and with so many Internet of Things devices joining the party, such intrusions are only going to
increase. Directed attacks against home users are waning, primarily because there are much
more lucrative targets out there, but that’s no excuse for complacency. So, over the next few
pages, we’ll show you the modern threats, refresh some best practices and hopefully get your
2022 off to the safest start possible. Let’s get to it! –JONNI BIDWELL

YOU’LL NEED THIS
A PC RUNNING WINDOWS OR LINUX
Internet connection.

1. THE EVOLUTION OF RANSOMWARE
A few years ago, ‘guilt-ware’ attacks were common. Here,
unsuspecting users would log into their machines and be
greeted with a banner stating they were under investigation
for nebulous crimes—anything from piracy to pornography
or promulgation of terror materials. But don’t worry, says the
warning, all of this will go away if you wire some cryptocoins to
this address. The message explains how to acquire said coins
and warns that if you do not pay, you will be arrested.
>> That these kinds of attacks were ever successful (and
sometimes still are) speaks volumes about people’s gullibility.
It also shows that some people have quite strange ideas about
how justice works. Yet we should not be so dismissive, as there’s
some psychology behind this. There is a widely held theory
that everyone has some latent guilt about something they have
done in the past and not ‘fessed up to, and tapping into this
with an abrupt and scary message can make the subject feel
rumbled. Detectives take advantage of this (and all kinds of other
techniques) when questioning suspects.
>> Still, it’s the kind of message that lots of people (especially
anyone used to browsing the internet without a pop-up blocker)
will just close and ignore. Later evolutions of this attack would
go a stage further, either locking the victim out of the machine
entirely (forcing the user to choose between a complete reinstall
or a quick ransom payment) or encrypting any user documents it
finds. This is what ransomware typically refers to today. Thanks
to networking (and a rich underground scene in the trade of
network exploits) damage may quickly spread to other machines
too and, before you know it, a stray click on a single machine
might bring about a network-wide incident.
>> Naturally, businesses are a much more lucrative target
with (according to Coveware) the average payout in 2020 being
$233,817. Attacks on home users might ask for anywhere
between $200 and $2,000, which is why they don’t tend to grab the
headlines anymore. Home users may also feel uncomfortable
about reporting a ransomware attack, but they shouldn’t. Even
if the authorities can’t help, reporting the incident to
the Cybersecurity and Infrastructure Security Agency
(or the NCA in the UK) will at least help them measure
the scale of the threat. For businesses, the projected
cost of recovery might well exceed the ransom, at which
point, it makes business sense to cough up. Insurers
are starting to recognize this, with some controversially
even including ransomware payments in their policies.

2. SAFE HEX
Basic internet hygiene is the best defense for
home users against ransomware and malware
in general. Unfortunately, “the basics” encompasses a
myriad of different areas these days, and many of these
points deserve features all of their own.
Still, let’s at least try and summarize them here.

>> The Cybersecurity and Infrastructure Security Agency
has some good high-level advice for home users
seeking to avoid ransomware (https://www.cisa.gov).
