Cybercriminals used to steal credit card numbers and sell them to other criminals to manufacture fake cards. Now they steal data and hold it ransom. Yesterday on Think, Lauren Silverman talked with Josephine Wolff, an assistant professor at the Rochester Institute of Technology, about this shifting business model in cybercrime.
The KERA Interview
http://traffic.libsyn.com/kerathink/KERA_Think_06-28-16_HR_2.mp3
Josephine Wolff on …
… how ransomware works:
“You infect people’s computers at huge scales. You use these large scale bot nets to deliver e-mails or malicious websites that infect your computer and once your computer is infected or once you click on that attachment, or that link in an e-mail, then all of your data is encrypted with a key that you don’t have. So you can’t decrypt it and the only thing that you can do on your computer usually is submit a bitcoin payment to the criminals. They say once we receive this we will give you the key, you’ll be able to decrypt all of your data. Of course, the only way to know if they’re telling you the truth is to make the payment and find out.”
… victims of ransomware:
“It’s not just you or me sitting at home on our laptops. There have been whole large organizations, police department, hospitals, banks that have been falling victim to this. At which point you can imagine the price you can charge starts going up pretty rapidly, because what I’m willing to pay for my data is nothing compared to what a bank or a hospital is willing to pay.”
… the trustworthy criminal:
“The difference between the so called trustworthy criminals and untrustworthy criminals is that some of them aren’t actually going to decrypt your data after you pay a ransom and some of them are. And the reason it matters to them and to us is because if you don’t actually get your data back, nobody is going to pay. This business model isn’t going to work for them. So, they have a huge vested interest in trying to build reputations for themselves so that when they target victims, those victims do actually go ahead and pay them.”
... how to keep your data safe:
“So much of this is happening through infected e-mail attachments or links sent by e-mail that you almost can’t be too paranoid when you’re reading your e-mail. Keeping in mind the fact that anybody in the whole world can send you an e-mail from any from address, pretty much, and just because the name that appears is a recognizable name or even just because the e-mail address that appears in the from line is recognizable really doesn’t mean that it's coming from somebody you know.”