Blake Dowling: New ransomware kicks it up a notch

anonymous Ransomware

Meeting this week with one of our national security partners, SonicWall, we had a fantastic luncheon with some local media partners, clients and Aegis staff.

A big topic of conversation — ransomware.

A SonicWall firewall can certainly help minimize risk, but there is no 100 percent protection from the constantly changing landscape of cyber threats.

Say you are a successful lobbyist, and legislation you want to pass is passing; you keep tweets clean, your email is in a secure cloud, your hardware is under warranty, with a solid backup, password-protected wireless network, two factor authentications for financial institutions, solid anti-virus, anti-spam protection firewall, and so on.

You rock through Session, rolling in a Maserati or other fly ride, feeling confident, successful — think Vince Vaughn in Swingers — confident. Then an intern clicks a link in a bogus ransomware email they thought was from the bank.

Now the game has changed; suddenly all your files are encrypted.

You are hosed.

Making things even worse is that this particular variation of ransomware not only encrypts files, but — if you do not pay the ransom — publishes your data on the web. That could include sensitive client info, financials, browsing history, everything.

This is happening, like a Cary Pigman late-night DUI. It’s not pretty, but it is a reality.

Let’s say; perhaps you spent the past three days logged on to Vegasinsider.com (or streaming episodes of Days of Our Lives), your clients and the whole wide world will know.

QuickBooks files? Yup. All of it.

Over the past few years, ransomware threats (like CryptoLocker) have hauled in over $325 million, with growth that more than doubles each year. How? Why?

Side note, why was Chris Kattan on Dancing with the Stars, what a spectacle. Even worse, why am I admitting to watching? Talk about shame.

Anyway; the “why” is indeed Intriguing.

The business model of ransomware cons is awesome (the crime is not awesome, but it is a classic pyramid scheme).

Go on the dark web and buy a ransomware tool kit for next to nothing; “they” show you how to launch ransomware campaigns via the web and they want half the cut (usually of any of the profits you make).

One variation is particularly devious.

After infection, they will send you the encryption keys to your files, but only if you get two other people you know to click on the same email. They also encourage you to send it to people you don’t like.

Wow. Talk about preying on fears and weak spots.

The threats are real, so keep your Maserati clean, and keep the intern off the internet.

___

Blake Dowling is CEO of Aegis Business Technologies and writes for several organizations. He can be reached at [email protected]

Blake Dowling

Blake Dowling is CEO of Aegis Business Technologies. His technology columns are published by several organizations. Contact him at [email protected] or at www.aegisbiztech.com



#FlaPol

Florida Politics is a statewide, new media platform covering campaigns, elections, government, policy, and lobbying in Florida. This platform and all of its content are owned by Extensive Enterprises Media.

Publisher: Peter Schorsch @PeterSchorschFL

Contributors & reporters: Phil Ammann, Drew Dixon, Roseanne Dunkelberger, A.G. Gancarski, Ryan Nicol, Jacob Ogles, Cole Pepper, Jesse Scheckner, Drew Wilson, and Mike Wright.

Email: [email protected]
Twitter: @PeterSchorschFL
Phone: (727) 642-3162
Address: 204 37th Avenue North #182
St. Petersburg, Florida 33704