Be careful what you chat your coworkers, it could be costly.
Ransomware attacks — malware that encrypts data until victims pay up — have been on the rise, and a new form of crypto extortion is also increasing: Blackmail attacks. Hackers are going after compromising photos, chats and emails, and demanding funds to keep them under wraps, according to Paul Calatayud, chief security officer, Americas, at security company Palo Alto Networks.
While consumers have traditionally considered information like credit card and Social Security numbers to be the main targets for hackers, the rise of ransomware attacks means everything from seemingly inconsequential messages in chat programs like AOL Instant Messenger to snapshots on your Google Drive
GOOG, -0.35%
could be used against you.
“There have been more attacks on data like emails and company gossip, that may not be seen as valuable but do have value to the company’s brand,” Calatayud said. He was speaking on a panel hosted by the National Cybersecurity Alliance in New York on Wednesday. “The model has changed from ‘How do I take this data and sell it on the market,’ to, ‘How do I take this data and hold it for ransom and hold it against it because you perceive it to be valuable?’”
Ransomware attacks increased 2,500% in 2017, according to computer security company Carbon Black, and they are expected to continue to grow. This includes extortion attacks, like the high-profile hack of Sony in 2014. In that incident, unknown hackers held the studio’s internal data for ransom, including gossip about celebrities, internal drama, and even Amazon purchases. They ultimately leaked the company’s dirty laundry publicly, costing it more than $150 million.
Such attacks can also target individual users: In September 2017, some Apple users reported being remotely locked out of iCloud accounts while hackers demanded payment in Bitcoin to unlock it. In July 2017, ransomware was found on Android devices, and the hackers demanded payment and threatened to send victims’ browsing histories to all of their contacts.
The popular office chat platform Slack said in March that it had detected and patched a vulnerability that would have given hackers full access to chat histories, shared files, and other features. The bug was discovered by security company Detectify and fixed before any information was leaked. George Avetisov, chief executive officer of security company HYPR, said employee gossip makes Slack and other office chat programs an appealing target for hackers. (Slack declined to comment).
“Forget corporate espionage — workforce chat logs are often a treasure trove of embarrassment and blackmail,” he said. “It is difficult to police what is said in Slack discussions, especially at mid-to-large sized organizations where dozens or hundreds of private channels are commonplace. Criticizing management? Complaining about that demanding customer? Jealous about a co-worker’s new desk? These are seemingly harmless comments that a malicious third party could exploit if chat logs ever leaked.”
Embarrassing information discovered through such attacks could be more dangerous to companies than a traditional hack involving stolen funds, Dmitri Alperovitch, co-founder and chief technology officer of security company CrowdStrike, told the NCSA panel. He said these attacks and cybercrimes have been fueled in part by cryptocurrency.
“In the 1980s when files were encrypted and they would say, ‘Wire money to this bank account,’ it would be easier to trace it back to the cybercriminal,” he said. “Bitcoin and crypto have made it much easier and much safer from the criminals’ perspective to demand ransom.”
To address it, we need more regulation of cryptocurrencies, said Choo Kim-Isgitt, head of product at EdgeWave, a cybersecurity company that monitors email security. She said there has been a huge uptick in attacks on email that go beyond the classic spammy links.
“Email remains the primary attack vector, but it may not be for financial gain in the direct route we have seen in the past — it’s a little more creative,” she said.
To protect yourself, she recommended taking basic precautions: using strong passwords, and being careful about which messages you open. Government agencies like the Internal Revenue Service will never email you, and be careful about sending any money over the internet. “It’s better to be suspicious than to regret it later,” she said.
It is traditionally recommended not to pay ransoms to avoid incentivizing ransomware attacks, Avetisov said, but unfortunately that doesn’t bring back your data. He recommended paying to get data back if it’s highly sensitive, contacting law enforcement to report the incident, and adopting strong security measures so it doesn’t happen again.
Let’s block ads! (Why?)