Study Finds Most Ransomware Solutions Just Pay Out Crypto

coindesk

2mon ago

A study by ProPublica found that most ransomware solutions providers have one weird trick for getting rid of hackers – paying them off.

Ransomware activity is growing weekly according to experts at CoveWare. The result? Companies who just want to pay the ransom and move on.

According to CoveWare, ransomware attacks were up in Q1 2019:

In Q1 of 2019, the average ransom increased by 89% to $12,762, as compared to $6,733 in Q4 of 2018. The ransom increase reflects increased infections of more expensive types of ransomware such as Ryuk, Bitpaymer, and Iencrypt. These types of ransomware are predominantly used in bespoke targeted attacks on larger enterprise targets.

Once hackers encrypt an infected computer, however, the real question is how to unlock your data. ProPublica found that many data recovery firms simply pay the ransom and then charge a premium for their trouble.

Proven Data promised to help ransomware victims by unlocking their data with the “latest technology,” according to company emails and former clients. Instead, it obtained decryption tools from cyberattackers by paying ransoms, according to Storfer and an FBI affidavit obtained by ProPublica.

Another U.S. company, Florida-based MonsterCloud, also professes to use its own data recovery methods but instead pays ransoms, sometimes without informing victims such as local law enforcement agencies, ProPublica has found. The firms are alike in other ways. Both charge victims substantial fees on top of the ransom amounts. They also offer other services, such as sealing breaches to protect against future attacks. Both firms have used aliases for their workers, rather than real names, in communicating with victims.

Ransomware is getting worse.

After the US Attorney General traced and indicted two Iranian hackers for releasing ransomware called SamSam, authorities hoped the prevalence of attacks would fall. Instead, it rose, beating 2018 levels considerably.

The reason, many believe, is that ransomware is so lucrative. Hackers can launch an attack and then, when the victims discover the hack, they negotiate briefly with companies like MonsterCloud and others to unlock the computers. However, many of these companies offer recovery methods and many security researchers work on free methods, such as this one for the popular WannaCry ransomware.

Unfortunately, the hacks are getting worse and the software necessary is getting more complex.

CoveWare admits to actually negotiating with scammers. They’ve found it to be one of the simplest methods for getting data back. The concern, however, is that these efforts are inadvertently funding terrorism. Further, they write, it is taking longer to decrypt hacked computers, thanks to new versions of the ransomware. In Q1 2019, wrote CoveWare, the “average downtime increased to 7.3 days, from 6.2 days in Q4 of 2018.”

CoveWare CEO Bill Siegel has found that the average ransomware recovery isn’t really a negotiation with “terrorists” as US Government officials believe. They’ve negotiated a “few hundred” ransomware cases this year and find that each hacker is different and often just frustrated.

“Our sense based on our study of the industry and experience is that the vast vast majority are relatively normal people that don’t have legal economic prospects that match their technical abilities,” Siegel said. “They also live in parts of the world that are beyond the jurisdiction of Western law enforcement, and are ambivalent about stealing from the West.”

Their process for talking with the hackers is also quite precise.

“We study their communications patterns so that we can build up a database of experience. There is a surprisingly small group of threat actors that are active at any given time, so identifying them is relatively straightforward. From there, we have scripts and tactics that we have honed over our experience. We draw on those to develop a negotiation strategy on behalf of our client. We know the hackers based on the profile and patterns they exhaust. We don’t communicate with them outside of representing our clients in a negotiation. All of the data exhaust we create from our cases is provided to law enforcement on a quarterly basis as well.”

Zohar Pinhasi of MonsterCloud said his company worked hard to use both methods – recovery and ransom.

The recovery process varies from case to case depending on the scope and nature of the cyber attack. Our methods for achieving data recovery and protection are the product of years of technical experience and expertise and we do not disclose the process to the public or to our customers. That is communicated clearly up front. However, what I can tell you is that we are a cyber security company, not a data recovery company. We have vast knowledge and experience dealing with these criminals, and we spend countless hours staying atop their evolving methods in order to provide our clients with protections against all future attackers, not just the one infiltrating their data at the time they come to us. We offer a money back guarantee to any client if we are unable to recover their data, and to date we have not had a single client report a follow-up attack from the same criminals or any other attacker.

While sending a few thousand BTC to a strange address might not sit well with many victims, it still looks like the best way to reduce downtimes. After all, it’s the organization’s fault for catching the ransomware bug in the first place. Prevention, as they say, is often better than the cure.
