Blackmail Over the Internet

Ransomware is malware that typically enables cyber extortion for financial gain. Criminals can hide links to ransomware in seemingly normal emails or web pages. Once activated, ransomware prevents users from interacting with their files, applications or systems until a ransom is paid, typically in the form of an anonymous currency such as Bitcoin.

Ransomware is a serious and growing cyber threat that often affects individuals and has recently made headlines for broader attacks on businesses. Payment demands vary based on targeted organizations, and can range from hundreds to millions of dollars.

Once infected, a victim has little recourse. If they do not pay the ransom, they suffer business down time, loss of sensitive information or any other penalty specified by the attacker. And even when they do pay the ransom, they remain vulnerable to attack from the same attacker or a new one, and reward attackers for their successful tactics.

Usually, if you have to choose whether to pay a cyber ransom, it’s too late.

Dangers of Ransomware

Once ransomware infects a user’s system, it either encrypts critical files or locks a user out of their computer. It then displays a ransom message that usually demands virtual currency payment in exchange for a cryptographic key to decrypt or unlock those resources. The message may also threaten to publicly release compromised data if the payment demand is not met.

Some ransomware can travel from one infected system to a connected file server or other network hub, and then infect that system.

The impact of ransomware is immediate, compared to stealthier malware such as those used in an advanced threat attack. As evidenced from recent headlines, there is growing concern among individuals, businesses and governments about the complex effects of ransomware, which include monetary damage and business downtime.

While initially popular in Russia, the use of ransomware scams has grown internationally; in June 2013, security software vendor McAfee released data showing that it had collected over 250,000 unique samples of ransomware in the first quarter of 2013, more than double the number it had obtained in the first quarter of 2012. Wide-ranging attacks involving encryption-based ransomware began to increase through Trojans such as CryptoLocker, which had procured an estimated US$3 million before it was taken down by authorities, and CryptoWall, which was estimated by the US Federal Bureau of Investigation (FBI) to have accrued over $18m by June 2015.

Commander is a server based system that does not rely on the internet for daily operation, however we all use emails and access various web sites during the daily course of our business. Making regular backups and saving them on a different drive is critical to survive this threat. We suggest that you warn all your employees about this danger and do not open attachments to emails from unknown senders that you do not recognize. Call our technical support department immediately should you become a victim of cyber extortion.