Ransomware Rises – The Growing Threat To International Security

This post is also available in: עברית (Hebrew)

Over the last few years a new menace has emerged: ransomware. Hackers now routinely take control and hold hostage the computer systems of businesses, hospitals, whole towns, and even law enforcement. These cybercriminals cripple vital computer systems, paralyse vital and essential services, and demand payment to allow victims access to their own data. And the problem is getting bigger – much bigger.

In 2014, the FBI received 1,838 complaints about ransomware in which victims lost more than $23.7 million. In 2015 the numbers grew to 2,453 complaints and more than $24.1 million lost. “Definitely a growing threat,” said section chief in the FBI’s cyber division, Special Agent Chris Stangl. “Success breeds more activity.”

The amounts demanded are generally relatively small, ranging from hundreds to several thousands of dollars. But that does nothing to diminish the scope of the threat. As more and more organisations come face to face with these sort of attacks, the disruption to society is growing. In a recent attack on a hospital in Los Angeles, officials were forced to pay out $17,000 in Bitcoin to gain re-access to restricted patient medical records. Doctors were locked out of access to email or electronic health records for more than a week. Officials at the hospital claim patient care was not compromised, but even if that was the case in this particular instance, next time we could be less fortunate, and lives could be put at risk.

It seems that in that particular attack, the infection vector was random, meaning a hospital employee likely clicked on an infected link. But hackers are getting increasingly sophisticated, perpetrating so-called “spear-phishing” attacks that target particular organisations and individuals with custom-tailored and believable emails enticing them to put the entire computer infrastructure at risk.

With the growing sophistication and audacity of ransomware attackers, it is highly likely that soon-to-be-targeted facilities could be of an even high-risk profile than hospitals, businesses, and local police stations. When even more critical installations and infrastructure come to peril, whole nations could be held hostage by common cyber-crooks.