CryptoLocker- The Evolution of Extortion. The screen shot is an example of the CryptoLocker virus. It encrypts all of your documents, pictures, and everything else on your hard drive and holds it hostage. For a ransom, paid within an hour and averaging between say, $150 and $350, you get the key to decrypt your information and go back about your business, perhaps a little shorter of breath for it.
More CryptoLocker attacks are demanding payment in bitcoin, which complicates the problem because most of us don't (yet) have bitcoin wallets online. The one-hour deadline is daunting but most who try to make the transaction succeed in figuring it out. The New York Times recently wrote about CryptoLocker in this editorial:
Unfortunately, in most cases, the best outcome is had by paying the perpetrators to keep your data. They typically make good on the deal and you get your data back. They want you to know that when they return for more that they will play by the rules they set. Nobody gets hurt, and nobody wants to lose what in many cases is irreplaceable. CryptoLocker has successfully attacked small businesses, hospitals, even a police force and they know what they are doing. For the criminal hackers, the job pays like a slot machine on fire, paying them over and again in anonymous, portable and liquid currency. Ransomware is probably at the crest of a surging, perfect-storm wave, with a long ride of profitable, cyber-based crime well into the future. For more on the subject of the growth of cybercrime:
“The year 2014 may well go down in the history books as the year that extortion attacks went mainstream. Fueled largely by the emergence of the anonymous online currency Bitcoin, these shakedowns are blurring the lines between online and offline fraud, and giving novice computer users a crash course in modern-day cybercrime.”
Brian Krebs, Krebs on Security
Why Now?
The big hacks: Target, Home Depot, SONY, Anthem, they all have a common denominator: the hackers were after our individual information. Cyber crime used to be an institutional problem, but that's not where the money is.
Cybercrime has gone personal because it pays, it pays big, conveniently, and it beats any of the other hacks out there, including for organized crime cartels. CryptoLocker is a symptom of these mega-hacks. We are seeing the emergence of these attacks as an outcome of the vast amounts of stolen personal information being put to use for criminal profit. Hackers curate the data, sort and sift it with BigData software, and assemble pools of victims for large waves of attacks on the most vulnerable of Internet users: the individual, everyday person that engages with technology as a tool for a a busy and productive life. For more on why cyber crime is personal now: Anthem's Massive Data Breach - Cybercrime Has Become Personal.
Cyber-Self-Defense.
The Basics:
The Essential: