Ransomware attacks, a growing threat to gadgets

Have you been hacked today? If not, consider yourself lucky as recent statistics show your likelihood of being attacked is exceedingly high. You may have been a victim and not even know it!

Calytix Security reported in August the top cyber attacks in 2016 were web application attacks, which accounted for 24% of the current attacks. These types of threats occur when an attacker injects a malicious SQL statement into an application script. SQL stands for Structured Query Language which is a special purpose programming language designed to manage relational databases, the heart of web applications. By attacking in this manner, the cyber attacker can gather a rich variety of information from a company’s or individual’s data. This can include all of your customer information, credit card information and contact information.

Cross site scripting or client-side code injection attack is another web application vulnerability exploited by hackers. It occurs when attackers push “scripts” and other malicious payloads into a legitimate web application. This type of attack has become one of the most rampant attacks from web application vulnerabilities. In cross site scripting, vulnerabilities within a website or web application are exploited without the victims becoming aware in visiting websites. The attacker uses the vulnerability as a vehicle to deliver this malicious script onto the victim’s browser. The most widely abused form of transfer is JavaScript, since JavaScript is fundamental to most browsing experiences.

Unfortunately, the consequences of this type of attack may not immediately stand out. Malicious JavaScript has access to the same objects on the webpage, including access to cookies. These cookies can be stored as “session tokens” so that attackers can impersonate the users and gain access to the operating system and the user’s files. When combined with social engineering, these attacks allow hackers to conduct advanced attacks on computer systems including, cookie theft, key logging, fishing and identity theft.

Prevention of these types of cyber attacks require application developers to know how to secure and maintain their code, as well as adding “captcha” or other web application firewalls to check application intrusion.

Nearly one of every five attacks in 2016 occurred because of malware. These attacks can be application-specific, to target specific items on your computer. These usually result from “packet sniffing” which captures all of the information in the “data packets” or message information being sent to or from your computer and traveling through the application.

Attackers then use this data to tailor their approach to a specific vulnerability.
A particularly nasty malicious software making the rounds is known as “ransomware.” This malware is one of the newest ways criminals can extort victims for money. They literally kidnap your computer system until you pay the ransom to have your data released. The most popular types of ransomware are Cryptolocker and Cryptowall, which first debuted in 2013. By clicking on malicious email attachments and accepting untrustworthy downloads you open your computer system to the ransomware virus.

This virus then encrypts all of user files, completely restricting access, and demanding that you contact the kidnappers in order to pay the ransom. Once the ransom is paid, the attackers release the encryption key so you can decrypt your files. Typical ransoms demanded are initially in the thousands of dollars but can be negotiated down to more reasonable levels of about $600. Payments are usually received in Bitcoin, MoneyGrams or other untraceable prepaid cards and methods.

Cyber experts estimate over $1 billion is being generated globally from cyber-criminal “kidnapping” of computer systems in homes and businesses, then demanding and collecting ransoms. Since they have become such a lucrative illegal enterprise, ransomware attacks are a growing threat not just to desktop PCs and tablets, but have now been extended to smart phones operating on both Google’s Android operating system and apples iOS ecosystem.

Defence and recovery
Your best defence and recovery against such attacks is you! Make sure you regularly backup your computer and important documents and keep your antivirus and anti-malware programmes up to date. Be very careful when opening attachments, and never open attachments in email from persons you do not know or in emails from your contacts which you do not expect to receive. The same advice goes for those pesky “pop-ups” requesting you to click on links to remove malware on your computer. 

Use your legitimate antivirus software to locate, isolate and remove the malware.  To do so, you must make sure your antivirus software is up to date. Remember, your legitimate antivirus or anti-malware programme will not solicit a response from you in such an obnoxious way.

Some screen lockers will use scare tactics to solicit your immediate (and unthinking) response. If you receive a document or notification from a seemingly “official” source telling you illegal activity has been detected on your computer and your system has been “locked” until you respond, don’t! The government will not freeze you out of your system, nor demand payment to reinstall your system.

Also be aware of the most common approaches for infecting computer systems with malware through social engineering, to manipulate you to give up your confidential information. You may remember the famous “Trojan Horse” given by the Greeks to the city of Troy. The people of Troy were so excited to have “won” the war and flattered by the Greeks “tribute” manifested by such an impressive gift, they left common sense aside. They moved the impressive horse inside the walled city only to be awakened in the night by a Greek surprise attack led by those hidden inside the horse, which opened the gates for the returning Greek army. Today, these attacks work the same. Beware of free gifts!

(Iyengar is a distinguished Ryder Professor and Director, School of Computing and Information Sciences, Miami; Miller has been with US Air Force for over two decades and is Coordinator, Discovery Lab, Florida International University)