F-Secure Evaluates File Retrieval from Ransomware Hits
Cybersecurtiy is one of the most prevalent threats today due to the increasing prevalence of IT in all aspects of daily life Nowhere is this more so than here in Malaysia, since thanks to MDEC and other ICT growth catalysts, the sector is growing at astonishing paces.
According to CyberSecurity Malaysia, over 2015 alone more than 30 Malaysians a day fall victim to some form of cybercrime or other. One of the commercial aspects of cybercrime is Ransomware. This is where the “Ransomer” uses malware to lock files from their owners. To retrieve the files requires some form on unencrypting key – which only the ransomer will have.
However, in a study by Cybersecuirty experts F-Secure, it was found that the people behind these crimes for the most part don’t wish to do damage; only extort. In fact, they are even willing to negotiate a price and actually care about your convenience.
In the detailed report Evaluating the Customer Journey of Crypto-Ransomware and the Paradox Behind It. The experiment involved evaluating the “customer experience” of five current crypto-ransomware variants, beginning with the initial ransom screen all the way to interacting with the ransomware criminals behind each of those variants.
Key highlights in the report indicate that:
- Those families with the most professional user interfaces are not necessarily also those with the best customer service.
- Crypto-ransomware gangs are usually willing to negotiate the price. Three out of four variants were willing to negotiate, averaging a 29% discount from the original ransom fee.
- Ransomware deadlines are not necessarily “set in stone.” 100% of the groups contacted granted extensions on the deadlines.
- One of the groups claimed to be hired by a corporation to hack another corporation – a kid playing a prank, or a sinister new threat actor?
The report highlights the paradox of crypto-ransomware: On one hand, perpetrators are “the nasty criminal, but on the other hand, they have to establish a degree of trust with the victim and be ready to offer a certain level of service in order to realize the payment in the end,” according to the report. As such, crypto-ransomware families often operate similar to legitimate businesses, with accessible web pages, helpful FAQs, “free trials” for file decryption, and even customer support channels with responsive agents on the other side.
“We read stories about ransomware every day, and lately the word ‘epidemic’ is being used to describe its proportions,” says Sean Sullivan, Security Advisor at F-Secure. “We wanted to offer a different look at this problem of mass crime, but ultimately to take the opportunity to remind people and businesses once again of what they can do to protect themselves from this threat. Software updates, good security software, caution with email, and most importantly, in case all else fails, back up your stuff regularly, before you ever become a victim.”