Ransomware attacks


John Oliver devoted a segment of Last Week Tonight to the problem of ransomware, where hackers break into a computer system, lock up all the data, and then demand payment, usually in cryptocurrencies, in order to provide the key to unlock it. Barely a day goes by without some report about a new ransomware attack. The news stories focus on the havoc caused by attacks on big entities like hospitals, local governments, and businesses. But Oliver points out that with more and more people having their home devices hooked up to the internet, those become vulnerable as well.

For example, if your thermostat can be operated remotely, then it is possible for a hacker to seize control and turn up the heat to a very high level until you pay the ransom. Similar interference can be done with your refrigerator and stove and any other Wi-Fi-enabled device. And who knows what mischief can be done if your Alexa or Siri services get hacked. When one reads about such possibilities, one can understand why some people choose to go off the grid.

One might think that it would not be worth the while for hackers to go after ordinary individuals because the payoff is not large. But ordinary people are also easier targets since they are less likely to have security precautions in place. The risk for the hacker is also lower since such people are more likely to panic and quickly pay the ransom and not try to fight it. It is similar to the Nigerian prince-type scam that targets regular people.

Oliver says at a minimum, people should have two-factor authorization in place.

Comments

  1. jrkrideau says

    I had a ransomware attack on my home computer two or three years ago. I read the demand, figured everything was backed up and rebooted. No problem.

    I guess the crooks don’t do Linux all that well.

  2. K. Swamy says

    There’s a fascinating podcast called The Lazarus Heist put out by the BBC. Also available on YouTube. The ransomware WannaCry is believed to be associated with the Lazarus group which in turn is linked to North Korea.

  3. lochaber says

    I’m running Linux, and I don’t really know what I’m doing, so every couple of years or so, I tend to bork some installation or update, and end up just reformatting my hard drive and starting over.

    So, in the event that my personal computer got ransomwared, I’d just swear a lot at the lost save game files, and reformat my hard drive yet again.

    Once shared some office space with someone who would get hit by ransomware a couple times a year, and they even got a couple work computers locked up as well. Luckily, it wasn’t anything we couldn’t simply wipe and restore, but I am kinda curious what kinda websites they were frequenting that were so rife with ransomware…

  4. says

    Old school security practitioners (*ahem*) warned for decades that the consequences of non-segregated networks, uncontrolled desktop software distributions, and allowing privileged operations by unqualified users was going to result in ballooning vulnerability. Standards like HITECH also worked to standardize systems in vulnerable states. Basically what happened was that everyone told everyone “this is fine” and trusted the vendors who told them “it’s all OK.”

    When I started computing there was a division between production systems, which were under configuration management, and the other stuff that was disposable. That worked well, and allowed people to conclude that system management was not necessary. Hey let’s let the users install their own software! No wait let’s make it AUTOMATIC so you just plug a doodad into the system and it downloads the drivers from someplace and loads them into kernel space without pestering the user! That was the beginning of the end: when the user has complete control of “their” system all you need to do is fool the user or get them to click on something. The whole software management model of modern systems is designed to make it easy for an idiot to operate them, which means a hacker can control the software by impersonating an idiot. Other basic administration 101 went out the window with that, such as requiring and testing backup and recovery. You don’t need that -- your data is in the cloud -- they say. The whole disaster was pushed by software vendors, o/s vendors, and cloud providers.

    And for organizations that decided none of that matters, the bill is coming due.

  5. jrkrideau says

    @ 3 lochaber
    So, in the event that my personal computer got ransomwared, I’d just swear a lot at the lost save game files, and reformat my hard drive yet again.

    My thought was go to my local computer store, 800 metres away, have them replace the hard drive and I’d reinstall the system. Much cheaper than the ransom.

    Like you, I manage to really mess things up every 2-3 years and a reinstall is no big deal though the last time I must have spent 2 days installing all the weird software and re-configuring things.

  6. mnb0 says

    “if your thermostat can be operated remotely” etc.
    Why anyone would need such stuff is beyond my Surinamese and Dutch comprehension.
    The only thing in my house that can be hacked is my computer. Well, that’s what I have an external disc for (also for evt. crashes of course).

    “Oliver says at a minimum, people should have two-factor authorization in place.”
    Owning devices that need two-factor authorization is as silly as

    https://thumbs.dreamstime.com/b/amerikaans-paspoort-achterzak-24935734.jpg

    in a Third World city.
