Ransomware has been a scourge since it first reared its head a few years back.
The original Cyptolocker virus continues to cause problems worldwide and has been doing so since 2013. The original version would work like this: you receive a fake email pretending to be from UPS etc. and you click the link.
BAM. First the files on your PC are infected and if you do not unplug the device, it spreads to anything connected to it. The virus still gives you access to Windows but no files, and the frightening looking clock begins its countdown to show you how long you have until your files are deleted.
There is a new version called Petya Ransomware in which a computer’s hard drive is infected. This threat is rampaging across Europe.
The new version is disguised as a Drop Box file ready for you to download. It lists an applicant applying for a job and a link from which you click to download the applicant’s resume.
The criminals do not just send this to anyone. They are not just targeting generic lists of email addresses. They are purchasing corporate email lists from the dark web or trolling for their own.
In this case they are sending to HR professionals. What is the likelihood of an HR pro whose job it is to screen applicants for potential openings clicking on a link to a resume? I would say 25 percent. Those are awesome stats for the criminal as a return rate or click rate on old school hacks was in the 1 to 2 percent range (think back to “I am a Prince in the Congo that needs your help to prepare 10 million USD for transfer).
The appearance of legitimacy is what keeps these people in business. They keep finding better ways to appear like they are the entity in question, going so far as to create domains and email addresses that are only one or two letters different from the original.
If they can pass the casual eye test for a few seconds, someone will click on it. That is why Ransomware has become one of the most prevalent online threats.
There are some other interesting variations to the Ransomware scourge that are just coming to light.
MAC users have always thought themselves impervious to such threats. Those days are over.
MACs are by far safer, but the main reason for that is they are not targeted as much because most of the corporate world is Windows based.
As more and more MACs are introduced, the hackers are along for the ride. KeRanger is a crypto attack that targets the MAC OS. Cerber is a crypto variant that takes geography into account. If you reside in Russia, it will not execute as it detects your location.
The creators of the original virus are from Russia and allegedly hiding out in Ukraine.
My advice is to never pay these ransoms but a lot of people do, with mixed results. They say the average ransom request is about $300 (it is actually paid in Bitcoin which is harder to track), and once you pay the ransom you are either sent a decryption key and you can go on your merry way. In some cases, your money is simply stolen.
Be careful where you click, as you could bring on a world of hurt to your business in an instant.
***
Blake Dowling is chief business development officer at Aegis Business Technologies. His technology column is published monthly on Wednesday. Contact him at dowlingb@aegisbiztech.com or at www.aegisbiztech.com Column courtesy of Context Florida.