Cyber crime: It’s not always who you think it is
By Prempal Singh
Think about a guy in his early 30s who makes almost all of his disposable income by spreading malicious software. His ransomware is designed to install on his victim’s computer when they click an email website link sent to 1000s of potential victims. He knows only a few will click on the link, but a few is he needs. When his ransomware is installed it is merely a subject of time until this individual launches his attack.
His attack commences by encrypting files on his victims’ systems. This encryption refuses access to files, essentially locking them away into an impenetrable virtual burial container. These files could be anything — personal images, financial information, health information, public information, documents, videos, directories that are essential to having other programs operate, etc. It does not matter as long as someone needs entry to these files for one reason yet another. When the files are secure and locked away from their owner’s access, a message is programmed to pop up notifying the user what has occurred and demanding a ransom in exchange for a decryption code that will undo the damage. This kind of version of ransomware is particularly nasty as it is located on the host system, undetected by most anti virus programs, waiting for an interval before it launches. The concept is to allow enough time to get the ransomware backed up so it might also encrypt back-up files.
Given that the attack has started, this man simply is located as well as holds back for the money to flow in. He knows some attempt to counter his attack by restoring their systems from their back-ups before realising they are encrypted as well. His ransomware has an characteristic that increases the ransom demand each day, making those who refuse to pay while they make an effort to recover their data pay even more. A few will never pay and simply lose their data, but others will pay practically anything when they realise their important information will be gone permanently if they do not conform.
Our villain ends up collecting more than 20,000,000 in this strike. It’s a great income since he paid only $1,500 to get everything he needed to move off this attack. This individual got this all from a site he found offering cyber-crime as something.
Unfortunately, these crimes are generally not all transporter by someone installing the universal “hacker” account of a guy using a black hooded sweatshirt hammering away at his keyboard while sitting in a dark corner of a room. Between the anonymity available online, supply of practically untraceable financial accounts and wide supply of tools to devote cyber-crimes, it appears we may be scratching the surface of the harm which will be done through cyber-crimes in the foreseeable future.
Source: wcfcourier.com