During a recent visit to the dentist, I heard a familiar narrative play out between the dentist and his assistant. The dentist was recounting a conversation he had with a fellow dentist in which a “hacker on the Internet” infiltrated the computer system at his friend’s business and locked everything down – a typical ransomware infection.
I casually explained that the Internet is by and large a safe place and that the victim likely opened an e-mail containing a malicious attachment or clicked on a bogus link within a phishing e-mail. Needless to say, my comments fell on deaf ears as the dentist ultimately instructed everyone in his office not to get online.
Ransomware is becoming increasingly more common. In fact, according to a recent report from threat management firm PhishMe, phishing attacks with a ransomware payload have increased from 56 percent in December 2015 to an incredible 93 percent.
Why the sudden jump, you ask? It’s simple – ransomware is much easier to deal with on the attacker’s side.
With malware that steals personal information, an attacker must either use the stolen credentials themselves and risk being caught or sell the data off to someone else. Either way, it takes time to get paid. Ransomware, on the other hand, is quick and easy. The victim pays the ransom – usually via Bitcoin – and the attacker (hopefully) sends over the decryption key.
There’s far less risk of being caught due to the anonymous nature of Bitcoin and there’s not much wasted time between the infection and payment (assuming of course that the victim does decide to pay up).
Image courtesy Kaspersky