A major cyber-attack has struck computers worldwide, holding helpless users to ransom. This is becoming something of a trend. What is ransomware, and what can we do to defend ourselves?
What has happened?
On Tuesday, a major cyber-attack shut down computer systems belonging to businesses and the government in Ukraine. The software has quickly spread to other organisations in Europe, the USA and elsewhere, causing chaos; victims are locked out of their computers and asked to pay $300 to get back in. Software that asks for a ransom is called “ransomware”.
How does it work?
It uses sophisticated encryption to make all your files — documents, photos, music — inaccessible. A message appears on your screen, asking you to pay a sum via an online crypto-currency (usually bitcoin). If you do so, your files should soon be unlocked (although there is no guarantee — you are dealing with criminals, after all). If you refuse to pay, your files are lost forever.
How do you get it?
Ransomware can enter your computer through an attachment to a spam email, a download of vulnerable software, or even a visit to a dodgy website. Once on a computer, it can generally spread quickly through a network, as the latest ransomware has been doing on company servers.
Is ransomware a big deal?
Huge — one of the most common kinds of cyber-crime, in fact. It has skyrocketed in the past few years, partly thanks to the rise of crypto-currencies. Companies are creating bitcoin reserves for use in an attack. In 2015, ransomware led to an estimated $24m in ransom payments. In 2016 the FBI believes that the figure may have hit $1 billion. And things are not slowing down in 2017: May saw the biggest ransomware attack in history.
What happened then?
A ransomware called WannaCry shook the world. To date, it has affected over 230,000 computers in some 150 countries. In the UK it hit the NHS’s IT system, wreaking havoc with medical treatment. Elsewhere, it affected telecoms, utility and delivery companies, among others.
Any similarities with this week’s attack?
They exploit the same vulnerability in Microsoft Windows. (Apple Macs have yet to be hit by a major ransomware attack.) But they have another thing in common: they have both been pretty bad at getting money. In fact, the latest ransomware’s payment system was very amateur, and was swiftly shut down.
What does this suggest?
Some experts believe that those behind the attack were simply inept. Others think they are after another way to make money: ransomware can also steal people’s sensitive data, which can then be sold. Others yet argue that the “ransom” aspect is a cover, and that the attackers just want to spread chaos — especially in Ukraine, perhaps.
So who is behind these attacks?
Hard to say. Often, hackers develop ransomware and sell it anonymously on the dark web for others to spread. It is very difficult to track them down. Ukrainian officials have blamed this attack on the Russian government, but it denies the accusation, pointing out that Russian businesses were affected too.
What next for ransomware?
It is getting more sophisticated, fast. Bigger and more effective attacks are sure to follow. Moreover, as our appliances — cars, fridges, thermostats — increasingly connect to the internet, they too are becoming vulnerable. Just imagine a ransomware that prevents you from heating your home in winter.
How can we stop this?
Users must act to protect their data. This means backing it up on external hard drives, updating their operating systems regularly, and installing anti-virus software. They should never download suspicious attachments.
Appliances are trickier. As the “internet of things” develops, we may need new laws to force manufacturers to keep their products as secure as possible.
- Is it wrong to pay ransoms?
- Draw up a list of the things you have done to protect your computer against hacking. Over the next week, make one change to further improve your security.
- A digital currency that is not regulated by banks or governments. This allows users to trade anonymously — hence its popularity with criminals.
- Vulnerable software
- This week’s attack targeted an accounting software used by the Ukrainian government and companies that work with it, raising the suspicion that it had a political motive.
- Bitcoin reserves
- A survey of large UK businesses by corporate networking company Citrix revealed that a third were stockpiling bitcoin. However, experts — and governments — warn against paying ransoms, as it encourages the criminals.
- Dark web
- Created in large part by the US military, the dark web is a network of websites that afford users complete anonymity. It enables free speech among people living under repressive regimes, but also allows criminals to operate freely.
- Internet of things
- A term that broadly refers to the integration of different devices — not just computers and phones — into online networks, to improve their performance. Say, a fridge that automatically orders more groceries when it becomes empty.