No doubt you’ve read news stories about individual consumers, police departments, and now even hospitals having their computers and data victimized by ransomware , an exploit in which the attacker “kidnaps” and encrypts the victim’s data, demanding payment for the decryption key. As a developer, is there anything you can do about it? The short answer may be no.
So far in 2016, hospitals in California, Kentucky, Maryland, and Kansas have been hit with ransomware attacks. In February, according to NBC News, Hollywood Presbyterian Medical Center had no choice but to fork over $17,000 to the bad guys in order to get its systems back. That’s a big jump from the typical $300 that an individual consumer might be forced to pay. Even a NASCAR team was victimized, forced to pay up to get its data back. It’s enough to drive you in circles, or ovals in NASCAR’s case.
How widespread are ransomware attacks? Consider this June 2016 statement from security software maker Kaspersky. “The number of users attacked with encryption ransomware is soaring, with 718,536 users hit between April 2015 and March 2016: an increase of 5.5 times compared to the same period in 2014-2015.” Yikes. During the same period, users attacked with blockers (ransomware that locks screens) decreased by 13.03%, from 1,836,673 in 2014-2015 to 1,597,395 in 2015-2016, according to Kaspersky.
There’s more. Cisco warns that businesses are unprepared. Security vendor RSA says cloud service providers are becoming a popular target. The U.S. Department of Health and Human Services went so far as to publish information on ransomware, including how to tell if HIPAA has been violated.
Unfortunately, the ubiquitous nature of the Internet of Things technology makes it a completely new fertile ground for ransomware attacks. Earlier this month, two security researchers demonstrated how a residential thermostat can be taken over by ransomware, locking it until a ransom was paid in the form of a Bitcoin. Keep in mind this was nothing more than a proof-of-concept demonstration. But, you know where this is likely headed.
The only way to deal with ransomware is to prevent it in the first place, according Malwarebytes Labs. That means running security software, resisting the urge to click alluring links, and backing up one’s data frequently and regularly. Unfortunately, as an applications developer — and an honest one at that — there isn’t really any proactive or anticipatory defense you can build into an app.
As an app developer, are you advising your organization about the dangers, causes, and prevention of ransomware? Have you or your company been a victim? Share your thoughts; we’d like to hear from you.