Magazine article Risk Management

New Ransomware and Cyber Extortion Schemes Hold Businesses Hostage

Article excerpt

In early June, the Justice Department seized control of two of the most destructive viruses ever to plague American businesses. CryptoLocker, a highly effective form of malware, hijacked affected computers by encrypting their files, then threatened to withhold the private key necessary to release the files unless their owners paid a ransom in digital currency, which 41% of affected businesses did. By the end of 2013, more than 22,000 computers were infected with the malware, and the crooks behind it had netted more than $30 million.

Gameover Zeus, another sophisticated form of malware, was designed to steal bank log-in credentials. Hackers were able to gain access to confidential financial information and siphon some $100 million from U.S. banks into overseas accounts. If it did not find the information it was looking for, Gameover Zeus would then launch CryptoLocker.

Both schemes were disrupted, at least temporarily, but the criminal gang behind them, allegedly run by a Russian hacker, is still at large, and there is no reason to assume that American businesses will not be subject to these and similar cybercrimes in the future.

In fact, as soon as companies find a way to mitigate the risk of one type of cybercrime, criminals seem to come up with a new one. In a 2013 survey of U.S. businesses by Carnegie Mellon University and the U.S. Secret Service, 75% of respondents reported that they had been the victim of a cyberattack in the past year. While governments are stepping up efforts to combat computer crime, the bad guys appear to be winning for now.

The most insidious cybercrimes are remarkable for their ingenuity and craft, and tend to fall into one of two general categories. CryptoLocker is only one of many extortion schemes in which cybercriminals commandeer computers and computer networks and hold them hostage, using threats that are often aimed at a company's greatest vulnerability. Some ransomware simply locks the affected computers. Other types, including CryptoLocker, work by infiltrating corporate public-key encryption systems, in which parties in electronic communication each have two different 'keys': a public key to encrypt information and a private key, known only to the recipient, to decrypt it.

In most cases, this is a highly useful security tool, since it bypasses the need for a password to decrypt communications. Unfortunately, hackers can use it to their advantage, usually by sending what appear to be legitimate emails containing attachments. When employees open those attachments, the files stored on the company's network are suddenly encrypted, with the decrypting key firmly in the hands of the hackers. The only way to regain network control is for companies to pay a ransom. The genius of the CryptoLocker scheme was the fact that most of the requested ransoms were small and relatively painless, often just a few thousand dollars.

Other types of cyberextortion target corporate or personal information, from proprietary trade secrets to employees' health data to customers' social security numbers, which hackers then threaten to make public online. A similar crime is the denial of service attack, in which hackers threaten to take down systems that allow a company to process its business, shutting down inventory control, for instance, or simply destroying data.

Some cybercrimes make money for hackers the old-fashioned way: by stealing it. A gang of computer criminals known as Pony, for example, created a botnet, a network composed of the compromised computers of thousands of innocent individuals, whose sole purpose was to rip off bitcoins and other forms of digital currency by stealing passwords from social media sites like Facebook, Twitter and LinkedIn. …
