Hacking into a business’s network to steal credit card numbers and other personal information is old school. Today’s hackers are concocting schemes that are far more sinister and often involve extortion rather than outright theft.
Ransomware is malware that locks users out of their systems. Users see a notice that their data is being held for ransom, and the notices often feature a countdown timer to convey a sense of urgency. Often, the hackers claim to be law enforcement and suggest that the user has committed a crime, like child pornography or copyright violation. The hackers count on the potential embarrassment to encourage their victims to pay up rather than call law enforcement. This scheme has had tragic consequences. One teenager even committed suicide after receiving a ransomware notice that was supposedly from law enforcement.
The newest variation of ransomware is targeting gamers. It’s a variant of CryptoLocker and affects over 20 games, including Minecraft, World of Warcraft, and the Steam platform. In this scenario, the hackers tend to be upfront about demanding a ransom instead of pretending to be law enforcement. While young gamers often don’t have sensitive information on their computers, they make an enticing target because of the value they place on their gaming profiles.
While ransomware typically targets individuals, it has a malicious big brother that goes after much bigger targets. In this scheme, hackers infiltrate an organization’s network, steal sensitive information, and hold it for ransom. They threaten to release the information if the organization doesn’t meet their demands. One recent victim is none other than the government of South Korea. In March, a hacker demanded a ransom in exchange for not releasing information on the country’s nuclear power plants. The attacker then tweeted his demands and boosted his credibility by posting information on the country’s APR-1400 reactor. While the South Koreans insist that the posts didn’t contain sensitive data, the incident underscores the seriousness of these extortion attacks.
In a separate incident, the hacker group Rex Mundi announced that it had stolen hundreds of blood test results from the French lab Labio. The group published the names of the patients who were affected and threatened to release their blood test results if Labio didn’t pay up. In another example, the hacker group Anonymous threatened a DDoS attack on the BBC if they didn’t reinstate the host of Top Gear after he was suspended for allegedly punching a producer.
Cyber criminals are becoming increasingly sophisticated, both in terms of technology and in how they use it. For instance, hackers could easily launch a massive DDoS attack and demand a ransom to stop it. And you don’t have to be the government of South Korea or the BBC to be a victim. If your company is connected to the internet, you’re vulnerable. It’s tough to cover all of the bases, which is why many companies are outsourcing at least part of their data security, like DDoS protection and mitigation. How safe is your network, and what additional steps are you taking to protect it?
By Frank Ip, Friday, March 27, 2015