Will activism be the new use for ransomware?
Many of us are now aware of the risks of ransomware and how it can lock up the important data of a business or personal data of an unsuspecting individual. News stories such as those regarding the NHS have brought the issue to the attention of even non techies and we often hear UK Government advertisements on the radio to make us aware of the threats.
The underlying premise of current ransomware threats is that of making money for the groups or individuals who are distributing the ransomware. Once a computer owners data is encrypted, a ransom demand is made for payment of Bitcoin to unlock the data - this payment can be many hundreds or even thousands of pounds. Having a solid and tested backup procedure in place can be the difference between quickly recovering from the ransomware infection or as a business, going under and having to cease trading. On average, in our home county of Essex alone, 500 cyber crimes are reported each month. 5 of these are ransomware attacks of which 2 businesses never recover - through having no tested backup strategy in place. This has prompted Essex Police to run free awareness courses aimed at business owners wishing to improve cyber security against such threats.
Many businesses are now opting to buy insurance against cyber threats including ransomware but it has been revealed that in many cases the insurance firms are simply paying the ransom to the criminals. This in turn makes the situation worse as it does not discourage the criminals from entering into such practices as they now know that they will get paid by the insurance companies. With this in mind, the criminals can increase their demands as they know the ransoms will be paid out out by the insurance company.
Follow The Money
It is often said that criminals are brought to justice by following the money. If an investigation can trace where funds go, the criminals identities can often be revealed.
Now, with cases of Bitcoin users being traced by the authorities it will hopefully become less inviting for the criminals to continue risking capture. But this leads us to the possible use of ransomware by activists such as eco cyber-warriors. We envision that the next bout of ransomware will not be by criminals trying to make a quick buck and demanding money to unlock your data, but instead by activists such as Extinction Rebellion.
We envision a scenario in which activists work with ransomware creators to create a strain of ransomware which locks up important data as normal, but instead of demanding a ransom in Bitcoin, demands are more aimed at reducing carbon emissions or the building of green energy plants. For example, a demand such as "We will reveal the decryption key for your data once 5% of planned housing developments have been re-purposed as solar or wind farms throughout the South-East".
If such organisations weaponise ransomware in this way, it will likely be far harder (if at all possible) to trace the culprits as there will simply be no money to follow. It could in fact be a very safe way for such organisations to further their cause as it would hide them behind the fairly anonymous computer screen and reduce the risk of being detained by the authorities at rallies and protests.
Such a tactic may also further their cause by encouraging the general public to start lobbying their council or Government to get action taken in meeting the ransomware demands. So many people now use social media to 'share' and 'like' the views of such organisations but very few actually stand shoulder to shoulder with them to demand Government action, preferring to applaud those making the stand, but unwilling to themselves. Such ransomware may twist the arm of the general public to demand action as something of theirs will be on the line - their own data - be it business data or personal collections of documents and photographs.
So, now we have shared our view on where we think ransomware is going, what can you do to try to offset the disruption it can cause?
How can you protect yourself against ransomware?
The best course of action is to assume that at some point your computer will be infected by ransomware. You therefore need to ensure that you take regular backups of your data. We recommend you have one USB backup drive plugged into your computer at all times which takes an automated daily (or even hourly) backup. Another second USB backup drive should be used to make another backup, but this should only be plugged into the computer when you are actively making the backup. Alternatively, sign up to an automated cloud backup service which keeps multiple versions of your data.
Active Ransomware Protection Software
We install the free Acronis Ransomware Protection tool on many of our clients systems. This tool creates a backup of up to 5GB of user data to the Acronis servers (more space can be purchased if required). The software then monitors your computer for signs of a ransomware attack and if it believes an attack is underway, it will pause the suspicious process and ask you to confirm if the process is safe to continue or not. This obviously put the onus back on yourself as you will need to make a decision as to whether the suspicious activity that the tool found related to something you were trying to accomplish, or whether it was a malicious software infection. This is not always an easy task for a non-techy to determine, but at least it provides a buffer. We generally advise our clients to call us should they encounter an alert from the Acronis Ransomware Protection tool.
Operating System and software updates
To help keep a computer system safe (including tablets and smartphones), Operating System and software updates should be installed regularly.
We do not put much reliance on antivirus products, new strains of ransomware and viruses can get past even the most expensive software. Despite this, we still advise having some form of antivirus software which should be kept up to date.
The best defence for your computer equipment is yourself - the user. Vet everything that passes through your computer just as you would a visitor knocking at your front door. No amount or expense of software products can stop you clicking on a malicious link in an email, or choosing to download what you thought was a fun computer game, only to find that it was in fact ransomware which will lock up all of your important data. If you receive an email from someone you do not know and you were not expecting it, best to be safe than sorry, simply delete it. Always buy your computer software from reputable stores or from the original manufacturer - if you need Microsoft Office for example, do not download it from pirate software sites as it will likely contain ransomware. If you find a USB stick on your driveway, whatever you do, do not plug it into your computer, doing so could easily cost you a fortune.
Still using Microsoft Windows 7? Think you need to buy a new computer after January 2020? Think again...
The Microsoft end of support date for their Windows 7 product is fast approaching
On January 14th 2020, Microsoft are scheduled to end support for their Microsoft Windows 7 product. This means that they will not be releasing anymore security updates or fixing flaws that are discovered in Microsoft Windows 7.
This is bad news for users of Microsoft Windows 7, of which there are still some 35% still using it for business and personal use (https://www.computerworld.com/article/3199373/windows-by-the-numbers-windows-10-user-share-surges-as-loafers-heed-impending-deadline.html). Hopefully your computer systems have already been migrated to a newer platform and away from Microsoft Windows 7, but if not, we would highly recommend considering the change. If you are one of those users, you have four choices at hand:
1. Continue using Microsoft Windows 7 after January 14th 2020.
Your computer will be more open to viruses/spyware and other malicious attacks. Your online safety will be compromised. We suggest not using the computer for accessing services where you divulge personal information including banking, email and online shopping. Preferably, do not continue to use the computer connected to the Internet, only as a standalone machine.
2. Upgrade your existing computer hardware to be Microsoft Windows 10 compatible.
Purchase Microsoft Windows 10 and replace Microsoft Windows 7 with it. You will be safer online than using Microsoft Windows 7 but still ensure you purchase antivirus and antispyware products to ward off the most prominent threats. Many Microsoft Windows 7 computers will not be cost effective to upgrade for Microsoft Windows 10, you may therefore need to implement either of the next two options.Microsoft Windows 10 Home when legally purchased from Microsoft currently costs £119.99. Microsoft Windows 10 Professional currently costs £219.99. It is possible to find cheaper activation codes for Windows 10 on various websites, but be very careful with these - they are often not legitimate and may not work or cause issues later on. We always recommend purchasing your computer software from the original manufacturer.
3. Dispose of your perfectly working existing computer hardware.
Purchase a brand new computer with Microsoft Windows 10 but still ensure you purchase antivirus and antispyware products to ward off the most prominent threats. If you choose to dispose of your existing computer equipment, ensure that you have it erased so personal information cannot be recovered from it, we recommend having a 7 pass erase performed on the hard disk drive with zeroing of data. Corrilan offer this service - contact us for more details.
4. Continue to use your existing computer safely, by replacing Microsoft Windows 7 with Ubuntu Linux.
You can download and install Ubuntu Linux (http://www.ubuntu.com/desktop) for your business or home computer system, replacing Microsoft Windows 7 - don't forget to backup your personal data first, you should be taking regular backups anyway. You will still be able to access the Internet, email, wordprocess, create spreadsheets and presentations plus much more. When the next version of Ubuntu is released, you will be able to upgrade free of charge. Just like an Apple Mac, Ubuntu is not compatible with all software products that you may rely on so this fourth option may not be viable for certain users, but is well worth a consideration - feel free to contact us to discuss if you are unsure.
To discuss your options in more detail please contact Corrilan IT Consultancy Ltd.