Ransomware is becoming a part of everyday life. This is illustrated by startling examples of the insidious malware that have occurred in just the past few weeks.
Ransomware occurs when a user executes malware that locks up his or her device. The malware gets into the machine either because the user is tricked into doing so or via a contaminated download. The ransom generally is paid by bitcoins.
The Washington Post reports that 123 of the 187 network video recorders that are part of the Washington, DC, police department’s closed circuit video service were offline between January 12 and January 15. Each of these devices stores video shot by as many as four cameras. Donald Trump was inaugurated on January 20, which points to the potential danger the attack represented.
Earlier this month, the Romantik Seehotel Jaegerwirt, an expensive hotel in the Austrian Alps, gave in to a ransomware attack, according to Network World. This was the third time that the hotel was attacked. During one of the previous two occurrences, a backdoor apparently was left in the system that made reentry easier.
During the opening weekend of the winter season, the electronic guest room entry cards stopped functioning and could not be reprogrammed. The hotel at that point had 180 guests – a full house – and the hotel decided that it had no choice but to pay the hackers about $1,600 in bitcoins.
The hotel said that it publicized the situation in order to raise awareness. Ironically, the result will be that the 111-year-old hotel will be upgrading to an exciting technology: old-fashioned metal keys.
Not every organization surrenders to ransomware. On January 19, more than 700 circulation and public computers in the St. Louis public library system were taken hostage. The 17-branch library, according to Threat Post, refused to pay the $35,000 ransom. Services were gradually brought back online during the next few days. As of the time of the post, only the reserve system remained offline. No trouble was expected in bringing it back.
The ability of the library system to avoid paying ransom certainly is a good sign. It is unclear why it was able to deal with the problem so effectively while other organizations seem helpless to respond. One hint is that the criminals broke into the system electronically and planted the malware, which is an atypical way of spreading ransomware. Perhaps that difference points to a lack of sophistication in the malware or its implementation.
Ransomware is terrifying to businesses. Indeed, it’s so scary that some companies pay up – even though they have not been victimized. OnePoll and Citrix asked 500 UK businesses with 250 or more employees about their experience with those claiming to be holding them ransom.
The study found that 39 percent of the businesses had been bluffed and that 61 percent of these paid a ransom. The companies paid an average of £13,412.29 ($16,739.22), with 6 percent paying more than £25,000 ($31,198.73). The results of the survey suggest the unfortunate possibility that organizations are intimidated or are simply giving up:
Ultimately, this research leaves a worrying impression that organisations may be treating ransomware as a cost of doing business – just like shrinkage and fraud in some sectors. This mentality may be resulting in British businesses paying out when it is not necessary, while simultaneously supporting cybercriminal activity.
The press release didn’t say why folks getting the demands didn’t simply check to see if there indeed was a real ransomware attack. Whatever the details, the result of the research in its own way is as frightening as the real attacks.
Carl Weinschenk covers telecom for IT Business Edge. He writes about wireless technology, disaster recovery/business continuity, cellular services, the Internet of Things, machine-to-machine communications and other emerging technologies and platforms. He also covers net neutrality and related regulatory issues. Weinschenk has written about the phone companies, cable operators and related companies for decades and is senior editor of Broadband Technology Report. He can be reached at [email protected] and via twitter at @DailyMusicBrk.