How do Countries use Ransomware in Cyberattacks Against the U.S. and What Precautions do U.S. Security Agencies Take to Prevent these Attacks?
With cyber attacking being a huge issue for years, ransomware only continues to get worse. Ransomware is a form of cyber attacking that has been used for a long time. Ransomware specifically is a form of malware where cybercriminals attack a system with a malicious code and lock your computer until a payment is done (Fruhlinger, 2018). The person who is being attacked is shown instructions on how to pay to obtain the decryption key and the costs usually range from a couple hundred dollars to thousands (Fruhlinger, 2018). Cybercriminals have many ways of attacking our computers such as exploit kits, malicious email attachments, and malicious links. One of the most common methods is the email attachments, more specifically called Phish. This method tricks a person into opening the attachment, downloading it and then the cybercriminal can take control. They may act as law enforcement or claim the person attacked committed something illegal. A more aggressive approach is NotPetya, where they don’t even need to trick users (Fruhlinger, 2018). The reason why cybercriminals attack people’s computers is to encrypt all their data. Attackers are also very specific about who they want to attack. They may scope out organization with smaller security teams, such as universities. The attackers may also scope out people who will pay the fine faster because the organization needs to access their files, such as medical facilities (Fruhlinger, 2018).
According to Amin Kharraz et al., ransomware came about over 15 years ago, but it didn’t become popular until closer to 2013. In 2013, ransomware increased 500%, making it headlined as the most notable malware trend (Kharraz, Robertson, Balzarotti, Bilge and Kirda 2015). A specific example of an attack is Cryptolocker that infected 250 thousand computers, including a police department (Kharraz et al., 2015). Many of these cybercriminals force the people they attacked to pay through bitcoin so it’s easier to conceal. During the Cryptolocker attack, 1,872 different bitcoin addresses were used (Kharraz et al., 2015).
When it comes to avoiding ransomware, we must have an insightful understanding of the attacks (Kharraz et al., 2015). Those fighting against ransomware are currently are investigating the attacker’s sophistication rather than giving insight on defense mechanisms (Kharraz et al., 2015). When it comes to protecting your computer, Fruhlinger suggests keeping your system up-to-date, don’t install software’s or give administrative privileges, install an antivirus software and back-up your files.
Works Cited
Abrams, Lawrence. “The Week in Ransomware- July 27th 2018- Ransomware Still a Threat”. Bleeping Computer. 27 Jul. 2018. https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-july-27th-2018-ransomware-still-a-threat/ Accessed 26 Feb. 2019.
Fruhlinger, Josh. “What is Ransomware? How these attacks work and how to recover from them”. CSO. 19 Dec. 2018. https://www.csoonline.com/article/3236183/ransomware/what-is-ransomware-how-it-works-and-how-to-remove-it.html Accessed 26 Feb. 2019.
Kharraz, A. et al. 23 Jun. 2015. Cutting the Gordian Knot: A Look Under the Hood of Ransomware Attacks. Springer Cam. https://link.springer.com/chapter/10.1007/978-3-319-20550-2_1#citeas Accessed 26 Feb. 2019.
Landesman, Mary. “What is Antivirus Software?”. Lifewire. 19 Dec. 2018. https://www.lifewire.com/what-is-antivirus-software-152947 Accessed 26 Feb. 2019.
