Who Is knocking on your virtual front door?

It could be someone down the block or from the Bloc

Don’t pay the ransom... it’s unlikely to pay off for you


14-Nov-2012 - So you’re online and suddenly a popup announces police have determined you’re in violation of some law and your fine is $200. If you pay immediately you’ll be spared greater fines and jail time.

Considering how many ridiculous laws politicians have passed, and how often and how far police step over the line these days, it’s almost believable. What do you do?

“Convincing people police will arrest them if they don’t pay... how do you put a price on avoiding jail time?” asked Kevin Haley, Director, Symantec Security Response.

“While you might think $200 is a good price to unlock your computer, very few of these criminals will unlock your computer once you’ve given up your money. They’re more concerned with spending your money than they are with helping you out of your situation.”

Ransomware started in Russia [Where else does the truly nasty malware come from? Even the Nigerians aren’t so brazen]... moved thru Germany... and then across the world.

The computer-nappers have gotten very sophisticated. They can identify your language and location. Once they have, up pops the appropriate screen for you.
 
Ransomware has evolved: the criminals are no longer trying to sell anti-virus software to remove what they installed... they’re saying they’re the police and if you don’t pay the fine you’ll go to jail or pay additional fines.

Some will even turn on your webcam and put your picture on the screen, saying, “We’re watching everything you do, so you’d better pay up.”

Eventually things may evolve to where the criminals no longer pretend to be police, instead coming right out and saying, “We have your computer and the only way to get it back is to pay us.”

Because so many gangs are involved in ransomware, there are multiple attack methods. Email attachments... drive-by downloads... and infecting legitimate sites that are unsecured are three.

“Companies look for multiple distribution methods for their products – store... online... kiosk... vending machines... these gangs want to grow their businesses like any other,” Haley said. “So why limit themselves to one site? They can break into any site that isn’t properly secured and host their software on it...or they’ll hire spammers to send millions of emails.”

Collecting the ransom is the hardest thing for any criminal to get right. Online payment systems simplify the process, and that’s another reason ransomware is growing in popularity.

Is stealing from consumers more profitable than all the APTs stealing corporate IP we’ve been reading about for the past two or three years?

“A common criminal may not know what to do with your IP,” Haley said. “Taking money from you is very simple. Right now we’re watching one of these guys with an estimated success rate of 2.9%. He’s probably making about $400,000 a month. That’s why more gangs are getting in on this – they follow the money.”

Haley’s advice for users...
•    Keep your security software up to date
•    Get the latest patches
•    Don’t click on something that seems wrong

“We have some tools that will help you get it off the machine,” he said.

“You’ll likely need another computer, however you can get a repair tool and boot tool that will help you fix these things. Symantec has products that can keep this software off your system. It takes a lot of locks to keep your system safe these days, so you’ve really got to look for more than anti-virus.”

That said, Haley reminds us that he’s using “security software” instead of “anti-virus”, and he’s not pitching Symantec products per se.

“A great thing about the industry is we’re in competition with the bad guys, not each other,” he said.

The Symantec white paper on ransomware is available here

Watch the YouTube video