Untitled

RANSOMWARE

Blackmail is an act, often a crime, involving unjustified threats to make a gain (commonly money or property) or cause loss to another unless a demand is met.Blackmail can take many forms but this essay will focus on a particular kind refered to as "ransomware" and more importantly what it is, how it works.

Ransomware,as the name suggests, is a blackmail scam in the form of malware (from malicious software) that takes control of a system, encrypting important partitions of the system and rendering data unaccessible unless  demands are met.Malware databases define it as "scareware" as it capitalizes on the infected user's panic and forces them into a situation where they must choose between potentially losing their job or meeting the culprit's demands.

Scareware can infect a user's system in a number of ways. Casually browsing the internet and clicking on shady links with shortened/masked URLs,pop ups that offer free music,movies, lotteries etc, downloading and running .exe files from untrustworthy sources are just a number of ways an uneducated user can compromise the security of their database.The manipulative nature of this piece of malware can be considered as a form of automated social engineering on the lowest level.

In the event of a ransomware infection, the computer screen is bombarded with pop ups of various kinds, ranging from pornographic imigary to offers of fake anti-virus software that promise to fix the problem but instead further infect the system. Among everything will be a window with a message informing the user of his compromised systems and the terms and conditions under which it will be fixed. These instructions often include making a phone call to a premium number, transfering a certain amount of bitcoin to the culprit's virtual wallet, or making a deposit to an offshore bank account. Prices may vary from 10$ payments and amazon gift cards to hundreds of thousands of dollars depending on the infected system.The former case is much rarer as it requires a lot of planning and social engineering before the infection may take place.

Sophisticated ransomware scams are not automated processes and often target a specific individual within a firm - usually employees with high security privilages and/or admin level network access.These kinds of attacks start months prior to infection, by hacking and monitoring the daily life and routine of the targeted employee. When sufficient information has been gathered, a specific scenario and narrative is tailored for the person of interest. In some cases, such an operation can be as advanced hacking and extorting the targeted employee with their private data and turning them into a part of the main attack, essentially forcing them to willingly infect the company's servers. On the other hand they can be as simple of a task as breaking into the mark's home and swapping a usb drive with an infected duplicate without their knowledge.

With reputation and prestige at stake,successful corporate ransomware attacks are rarely disclosed and scarcely documented.As a direct result to this, massive corporate ransomware infections are seen as a rare occurrence. This notion however can be called into question when presented with the US's intelligence reports which declare a loss of $325million dollars in 2015 alone to a variant of ransomware known as "cryptowall".

What makes this type of malware a force to be reconned is the fact that once a network is infected with a an advanced type of ransomware such as "cryptowall" there is practically nothing the user or company can do besides meet the extorter's demands and pay the ransom.While antivirus software may detect, isolate and safely remove an infected file before it can spread, hackers around the world are hard at work improving their malware and making it more and more undetectable, and sooner or later one of them may get through even the most sophisticated security available.

The reason why malware is such a profitable and effective business model for cyber criminals is because it exploits the one constant, unfixable flaw in any system:the user sitting behind the computer.