06.13.2016

OPINION: Read This or the File Gets It

06.13.2016

Pre-packaged ransomware hacks from the Dark Web has lowered the barrier to entry for cyber-crime and upped financial institutions cyber-security risk significantly.

Instead of hackers authoring their malware attacks, many ‘hackers’ just need to spend $50 and agree to turn over a small percentage of the ransom to the ransomware retailer, who then creates a custom payload and handles typical bitcoin-denominated ransom.

There are now more than 120 different families of ransomware, the BBC reported in early May.

Last year alone, the Federal Bureau of Investigation logged 2,453 ransomware-attack complaints to its Internet Crime Complaint Center.

Most of the ransomware attacks use the same attack vectors as other cyber-attacks- phishing emails, webpage redirects to dodgy sites and infected email attachments.

Typical ransoms are only a few hundred dollars since many hackers want the ransoms to be small enough that the victim would pay it, but large enough so that it makes economic sense for the cyber-extortionist.

However, some hackers have set their sites on bigger targets with deeper pockets.

Off all the ransomware attacks reported to the FBI in 2015, each averaged an approximate $650.

Kansas Heart Hospital was not so lucky when a ransomware attack encrypted a good amount of their files. The hackers first issued a demand for $3.4 million, but the hospital negotiated the ransom down to $17,000, which it eventually paid.

Imagine what hackers would as from an asset management firm.

Hackers are also adopting a “kill a hostage” approach if their victims do not meet their demands by a specific deadline. This strategy further limits what firms can do to mitigate the damage from such attacks.

Law enforcement’s best advice to ransomware victims is to buck up and pay the ransom, which means having access to a ready supply of bitcoins.

More on Cyber-Security:

Related articles

  1. Cyber-Criminals Target Wall Street

    PQC aims to strengthen communication and data security as quantum computing advances.

  2. Wall Street Confronts Cyber Threats

    The DORA compliance deadline is just three months away.

  3. Quantum computing poses a major cybersecurity concern as it can break cryptography & encryption algorithms.

  4. Cyber Threats Mount

    The interruption of the dissemination of indices and market data has been solved.

  5. Cybersecurity Still a Work in Progress

    Other services across the group, including London Stock Exchange continue to operate as normal.