RSA security officer David Martin says ransomware still a major issue
Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!Tweet Share on Twitter.
April 30, 2015
RSA internet security officer David Martin says that ransomware fraud may have reached the sweet spot between extorting users and avoiding law enforcement heat.
Martin added that ransomware extortionists' demands top out at about US $10,000, an amount of money sufficiently low to get reluctant companies to pay and to prevent police from intervening.
"I think there is a medium in the center field where criminals and fraud artists only want to target organizations in local jurisdictions only, but if you move into a large enterprise with enough customers, you'll get federal law enforcement involved and make some serious enemies," Martin said at the RSA Conference in San Francisco last week.
"If you get too greedy, you'll make enemies with the people who have the muscle and the power to come and get you. There is a lot of innovation and I think we will continue to see things evolve rapidly," he added.
Smaller demands of cash for keys tends to convince smaller businesses to pay rather than attempting to find cryptographic implementation faults to decrypt their data without paying.
Internet security companies have published free tools to help decrypt shoddy ransomware that typically asks for a few hundred dollars, but the proper high-end product can be next to impossible to feasibly crack in most cases.
The latter ransomware is typically accompanied with various emails sent by attackers to potential victims informing them that their data is encrypted and to pay up or face a rising ransom for each day lapsed.
Estimates on the approximate value of ransomware are very difficult to come by but some fraudsters have made millions of dollars in just a few months.
Symantec says in the early days of ransomware that about 2.9 percent of compromised users simply paid up to avoid any flack.
To reduce the risk from ransomware raids, businesses should change weak and default passwords used on services like remote desktop protocol and back up critical data to air-gapped media.
Exploit software that target unpatched systems like Flash and Java will often force ransomware to work somehow, placing a user emphasis on security patching.
One recent ransomware example demonstrated that even air-gap backups may not be enough by silently encrypting and decrypting web databases for months before pulling the key.
Source: RSA Internet Security.
Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!