Internet Fraud and Scams
Historical Background and Description
Ransomware has been around for quite some time in relation to the age of the internet. Ransomware is a type of malicious software that blocks access to a user’s files unless a ransom is paid. (Young ; Yung, 1996) The first major ransomware attack was conducted in an era when the internet was not prevalent. The incident is commonly referred to as the AIDS Information Trojan. A biologist by the name of Joseph Popp was the creator of the Trojan and mailed 20,000 floppy disks claiming they had information on them about the AIDS virus. Once the disk was installed on the computer it blocked the user’s files and asked for $378 dollars to be sent to a P.O. Box in Panama City. (Furnell & Emm, 2017) As previously stated, money was to be sent to a P.O. Box for collection. At this time in our country the internet was still in development, so money transactions had to be completed in person or in a real-world transaction through the mail. This made monetizing a ransomware attack almost impossible. We see ransomware rise again around the mid 2000’s with a Trojan called GPCode. Once again, a user’s files would be encrypted with instructions on how to regain access. (Furnell & Emm, 2017) Only this time, they were linked to an email address where they would send money to an online bank account. This made it much more feasible for the attacker to be successful in retrieving a victim’s payment and increased the ease of use for the victim to make payment. This attack was followed by many other ransomware families. We have seen more recent and large-scale attacks like the WannaCry attack that occurred in 2017. In early ransomware attacks encryption was implemented poorly allowing certain anti-malware to detect and remove the malware. (Furnell ; Emm, 2017) With technology advancing however, it is more difficult to detect and remove the ransomware before it locks the victim’s files. Even if the ransom is paid it is hard to tell if people will even regain access to their files. A study by Kaspersky Lab shows that only 20% of small and medium sized business got access to their files restored. (Furnell & Emm, 2017)
Ransomware can be used to attack a single individual, but its main goal is to make as much money as possible. With this fact, bigger businesses and corporations are typically targeted for ransomware attacks. Victims include Police precincts, hospitals, government offices, universities, and even transportation systems. (Young & Yung, 2017) These attacks can be carried out in a few different ways. A very vulnerable aspect of a person’s life that is susceptible to a ransomware breach is through email. An attacker can send out mass email attacks with bad download links hidden in an emailed disguised as one coming from a legitimate source. Once the victim clicks the link, a download is started and if that computer is linked to a business server it can spread across different computers. Another way that ransomware can find its way onto a computer is through a link much like the one in the email attack. This time, the attacker will post a link on various social media pages and anyone who visits the link will be infected with the ransomware. Anyone that does not have general knowledge of different types of internet scams are vulnerable to these attacks such as the elderly and children. Business are also hit hard by these attacks because of the attacks can occur on such a large scale. In 2017, there was a large-scale ransomware attack called WannaCry. During the incident, it was reported that over 200,000 computers were infected across 150 different countries. The attack exploited a vulnerability in Windows Software.
After the WannaCry attack, research was conducted to figure out why the attack was able to be successful on such a large scale. Systems tend to offer new updates to their security frequently. When a flaw in security is discovered, an update will be made to strengthen all systems so no one can exploit the flaw. It turns out that the WannaCry attack was so successful because the computers were still running a vulnerable operating system. Windows promptly provided a security update for those computers. Most computers were running Windows 7 with research findings showing 67% to 97% being on this platform. The problem is that these computers had the opportunity to be updated earlier, so any attack was avoidable. (Furnell ; Emm, 2017) A survey study by KnowBe4, a popular platform for security awareness training and simulated phishing, surveyed more than 500 organizations on their ransomware security. 33% had experienced a ransomware attack in the last 12 months. 53% of organizations that had solutions for ransomware still became victims. 48% of the respondents that downloaded KnowBe4’s simulated ransomware could not detect it on their computer even though they had antivirus. (2017) This study also showed that ransomware generally takes over more than one computer. 94% of businesses didn’t pay the ransom for their files while the remaining 6% payed around $3,000 to $4,000. This research shows us that ransomware can be implemented on a large scale and be difficult to attack. An issue with this research may be that not all of the organizations took part in the survey or the information given was misconstrued to help promote the KnowBe4 program.
A good place to start for preventing a ransomware attack is at the individual level. Social media scams and spam email are big ways that people are impacted by ransomware. If companies can train employees to look out for simple things that may help identify an attack, then they stand a better chance to defend themselves. Another preventative measure is to never leave equipment unattended. This leaves it open for attack. (Allen, 2017) Make sure all devices have passwords on them and be sure to make them something difficult for someone to guess. Keep software and systems up to date as well as antivirus protection. Regularly save and back up computer data. Using several different types of backups will increase your chances of retrieving your information. Cloud storage, back up hard drives, and thumb drives are all good options for backing up computer data. Ensuring you have a backup makes it easier if you ever need to completely restore a computer. Even though you have all of these protective measures in place, it is still difficult to guarantee that a system will be safe from ransomware. If someone wants to victimize you with ransomware it is difficult to prevent.
Ransomware is a different type of malware altogether. It is deliberate and in your face. The attacker wants you to know you have been attacked. Other types of malware are generally unobtrusive. If people started to design ransomware to be undetectable then you would never know if your system was even vulnerable in the first place. I believe that there will need to be an update to current law to combat these attacks as well. I predict that there will continue to be attacks until there is a major large-scale attack that targets not just our computers, but other devices as well. What could happen if other devices were subject to ransom such as smart homes, vehicles, and phones? Ransomware attacks are only going to get worse and it may take a large scale attack to cause a wake up call for businesses to increase security and for technology companies to review their security software.
ALLEN, J. (2017). Surviving Ransomware. American Journal of Family Law, 31(2), 65–68.Retrieved fromhttp://search.ebscohost.com.marshall.idm.oclc.org/login.aspx?direct=true;db=aph;AN123206569;site=ehost-live
ANTIVIRUS INEFFECTIVE IN PREVENTING RANSOMWARE. (Cover story). (2017).Computer Security Update, 18(4), 1–3. Retrieved fromhttp://search.ebscohost.com.marshall.idm.oclc.org/login.aspx?direct=true;db=aph;AN122265630;site=ehost-liveFurnell, S., ; Emm, D. (2017). The ABC of ransomware protection. Computer Fraud ;Security, 2017(10), 5–11. https://doi-org.marshall.idm.oclc.org/10.1016/S13613723(17)30089-1
Young, A.; M. Yung (1996). Cryptovirology: extortion-based security threats andcountermeasures. IEEE Symposium on Security and Privacy. pp. 129–140.
Young, A. L., ; Yung, M. (2017). Privacy and Security Cryptovirology: The Birth, Neglect, andExplosion of Ransomware: Recent attacks exploiting a known vulnerability continue adownward spiral of ransomware-related incidents. Communications of the ACM, 60(7),24–26. https://doi-org.marshall.idm.oclc.org/10.1145/3097347