Once upon a time, if you wanted to infect someone’s computer with a worm or a virus, you’d have to code it yourself, then figure out a way to actually get it onto someone’s system. Oh sure, since the dark days of the primordial-internet’s BBS’s, instructions on how to assemble everything from a spambot to a keylogger was out there for any script-kiddy with an ego to feed, but you at least needed to know some of the basics of working with code. Recently, however, we’ve seen the alarming trend of what has been dubbed Ransomware as a Service (RaaS), an offshoot of the increasingly popular Software as a Service (SaaS), only slightly more nefarious. Ransomware as a Service opens the realm of data hostage taking up to anyone with a credit card.
THE DEVIL IS IN THE DETAILS
We covered the high-profile ransomware, Cryptolocker, in a previous article. This particular brand of virus encrypts the important files and documents on your computer, then demands money if you want them back. The Cryptolocker opened the door for similar viruses, and there’s now a slew of copycats out there. Recent reports claim that a whopping 50% of US companies have experienced a ransomware attack, including the high profile attack on the San Francisco Municipal Transportation Agency. If that wasn’t bad enough, now this tech is affordable, easy, and available.
Ransomware as a service couldn’t be easier: register on a website, customize it to your liking, deploy it against your victims, and wait for the Bitcoins to start rolling in. One such example is the Satan RaaS, a fairly new player that allows users to register and track the success of their investment. In return, the developers of Satan pocket 30% of any successful ransom payments. It’s ridiculously user-friendly in a way that many SaaS sellers fail to provide.
RANSOM FOR REVENGE
Major hacker clans aren’t going to have much interest in something like this when they can develop their own ransomware virus and keep all the profits, so who is it for? Anyone with a motive to do harm.
Any employee who has been served their slice of pinkslip can use the last of their network access powers to pull the pin on a virus and walk away with either a chunk of change or the feeling of smug vindication, followed by the smell of a burnt bridge. Any enterprising student could earn themselves a day off by propagating a virus on their school’s unsecure network. Did gramma skimp on the Christmas card money? Hopefully she wasn’t too attached to those photos of her other grandchildren.
That’s a pretty scary prospect. Anyone deficient in moral fiber now has easy access to the tools needed to create a revenue stream from everyone’s cyber-misery. Authorities will no doubt crack down on distributors and users of this software, but the bag of chips has already been opened, and a ceaseless number of copycats will follow.
BACK THAT UP
Protecting yourself from Ransomware is simple: back up your data. Back it up frequently and in different locations. Back it up where no one can reach it, except in an emergency. Talk to the folks at Just Fix It about the best ways to back up your data and keep it safe from ransomware. It doesn’t take much for all your important files to become encrypted, and that can be catastrophic if you’re not careful. The ransomware epidemic has the potential to get even bigger, and conventional means of protection are proving ineffective, so make sure you’re prepared and can recover quickly.