Use of malware that holds files hostage is spreading fast

RALEIGH, N.C. (WNCN) – A new type of malware is popping up across the country and it virtually holds your files hostage.

It’s called ransomware and it’s spreading fast.

“I don’t think anybody or any organization is immune to these types of events,” explained Stewart Bradley, vice president of cyber security at SAS.

See more examples of ransomware

See more examples of ransomware

 

It could be a typical work day. You check your email and get an important message from “the boss.”

It’s a link. You better open it. But this time it was a fake.

That’s all a hacker needs to take over your pictures, financial documents, music – you name it.

They encrypt your files, making them useless until you pay to have them unlocked.

Messages will pop up demanding payment for the safe return of your files.

Typically, the ransom demand also includes a “deadline” to pay quickly, often times within 48 hours. The scammers want you to make a quick decision and pay them before you have a chance to check out their claims, call a computer repair service, or law enforcement.

The malware can also completely block you out of your computer’s operating system.

“It can do reconnaissance and find out where the crown jewels are attack those bits of information,” Bradley explained.

malware2

And it’s not just personal computers. These hackers are going after big business.

“Social security numbers, bank account numbers passwords, there is a tremendous amount of value,” Bradley said.

It almost happened in Durham.

“We did have an intruder in our network,” explained Kerry Goode, Technology Director for the city of Durham. Goode says the city has been the target of at least three hacks.

“It did come up with a message saying that the information was locked up and we’d need to pay a ransom to get the information back,” Goode explained.

Luckily, the hackers couldn’t get any sensitive or confidential information and the city was well-prepared.

malware3

“We had good, robust backups so there wasn’t any impact to the city,” Goode said.

They reset the computers and thanks to saved backups, they were back in business. But others haven’t been as lucky.

“A few cities didn’t have any contingency and it impacted them,” said Goode. “I heard of one case where they had to pay the ransom.”

Horry County schools in South Carolina did, a hospital in Hollywood did, and so did a hospital in Maryland.

According to the FBI, victims in North Carolina have dished out more than $162,000 to pay ransoms. One victim paid $150,000 ransom. It’s something the bureau doesn’t recommend.

malware4

The first full year of statistics from January to Dec. 2015 show more than $1.6 million dollars in losses nationwide.

“You’re going to see it everywhere,” Bradley said. “It’s a small fraction of events that are actually reported and become public knowledge.

Unfortunately you can’t always rely on your antivirus or firewall to catch ransomware.

“The historic approach of protecting the perimeter and building a higher wall or a deeper and wider moat no longer exists,” Bradley explained.

So what do you do?

Bradley says companies have to monitor and analyze daily activity so they’ll know when hackers manage to sneak in.

Individual users should avoid questionable email links or pop ups.

And most importantly for everyone – back up your files.

malware5

“There’s nothing worse for an organization than having the reputational risk of third party data loss and we’ve seen the cost for organizations to repair those relationships,” said Bradley.

And let’s face it, catching these hackers is nearly impossible. Plus getting access to ransomware is easier than you may think.

“An individual like me can go to the ‘dark web’ and get access to ransomware. What once was something that was limited to criminal enterprises is now widely available,” Bradley said.

“It’s like a silent killer, it penetrates your network and when it makes itself known, it’s already done damage,” said Goode.

For more safety information from the FBI, click here.

1 thought on “Use of malware that holds files hostage is spreading fast

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s