By Aqsa Hussain.
We recently witnessed a cyber attack which left individuals and organisations virtually crippled. The WannaCry ransomware cyber-attack hit over 200,000 computers in 150 countries, demanding up to $600 per ransom. From Indian police stations to French car manufacturers and UK hospitals, it seems as if disruption was the primary aim for these hackers. With the importance of cyber security reemerging in the mainstream public domain, it’s worth spending some time explaining what all the fuss was about. What is ransomware and why did its intrusion in computer systems result in patients being turned away from hospitals and factories being shut down?
In a nutshell, ransomware is the use of technology to extort money from victims. Its scale varies: it can prevent you from accessing Windows, encrypt files so that you cannot use them, or stop certain applications such as your web browser from functioning. Simply put, your files and data have been taken hostage and you are unable to use your PC until you pay up. Typically, you have to pay in bitcoins since this crypto-currency is untraceable by law enforcement (for now), and there is always a time limit, adding another level of psychological despair to this extortion.
As with any hostage situation, there is no guarantee that by paying the ransom, you will be granted access to your PC; by paying on time, you may be able to access your files again. Missing the deadline could result in the ransom amount increasing or all of your files being deleted or released into the public domain.
The history of ransomware dates back to 1989 when the AIDS Trojan was spread via floppy disk. In order to get access to your data, you had to send $189 to a post office box in Panama. It has definitely advanced a bit since then…
It is not only your home PC which can be targeted. In fact, after realising how lucrative this business was, ransomware creators and distributors moved on to bigger targets such as business networks, city councils, hospitals, and police servers. Public institutions have huge databases of confidential information which, if leaked, can cause immeasurable damage. The NHS in the UK has experienced more attacks on its servers than any other public agency, with a notable one in 2016 which resulted in a 4-day IT shutdown and non-urgent appointments and treatments being cancelled. Last week's attack has been described as even worse. Attackers know that these institutions often use older software and equipment which is easy to infiltrate (the NHS still operates predominantly on Windows XP!). When it comes to businesses, cyber criminals also know that businesses have money and that their ransomware will cause major disruption, therefore increasing the likelihood of them being paid. They also realise that businesses fear legal or reputational consequences so will probably not report the attack. That being said, since 2016, ransomware has seen a 50% increase in both homes and enterprises. Is this due to more cybercrime or more reporting? There is no clear cause.
Many crime TV shows such as 24 (a personal favourite) have stimulated the imagination, showing us how criminals are able to infiltrate network utilities such as water and electricity, right the way to nuclear reactor sites, holding these hostage until a demand has been met. It would be naive to think that this is not yet a possibility and perhaps even something that the security services have already grappled with.
On the flipside, there is something to be said about the entrepreneurial spirit of ransomware creators and distributors. They’re business-oriented, know where their opportunities lie and are daring in their pursuits.
To prevent your own computer from being taken hostage, there is not much you can do apart from the obvious – don’t open suspicious emails (or even SMS messages!), don’t use untrusted WiFi connections, etc. More importantly, always keep a backup!