Showing posts with label ransomware. Show all posts

Tuesday, June 28, 2016

Stop Paying Ransomware and Increasing the Payoff for Cyber Pirates



For the love of all things Internet, just stop it. Stop being so damned naive and dumb about cybersecurity and paying off ransoms. Just frigging stop it!

I just posted a blog entry on this a few months ago.

Ransomware payments solve diddly squat. Sure, the cyber pirate hacker may release your computer after you fork over thousands of dollars, but guess what. HE/SHE IS STILL INSIDE YOUR COMPUTER! What is to stop this hacker from just locking up your system again tomorrow? Nothing, nada, because you were too dumb and lazy to find a cybersecurity expert.

Cybersecurity and business cyberbullying is hard enough without compounding a crime with a bad decision and rolling out the red carpet for another pirate to say, hey, this idiot paid Hacker 14's ransom, he'll probably pay mine, too.

According to Lloyd's of London, cybercrime costs businesses $400 billion a year. $100 billion of that is in the U.S. and the victim count is upwards of 556 million. It is expected that the global cost of cybercrime will net $2 trillion by 2019. Two trillion. At this rate, every gang banger is going to learn how to code. It's a better return than the drug trade.

Why? Because companies don't want to spend money on IT, and by the time they do, the hacker has been in their system for years. (See Sony.) How sad is it that even our educational institutions are set up for failure when it comes to this stuff. Case in point, the University of Calgary. Instead of paying ransomware, maybe the curriculum needs to include and force its administration to attend Cybersecurity and Information Technology courses. Oh wait, it does have a Business Technology Management course.

Look, I don't mean to be mean about this, but seriously, when the hell are businesses and organizations going to take this shit seriously? For every dollar you don't spend on IT, for everything you don't know about basic cybersecurity, updating software/apps, or just basic common sense, you put everyone who is connected to you through the Internet at risk.

Sure, companies don't really want to admit their mistake, but saying nothing and hoping it will go away just means all your employees, suppliers, family members, customers, and golf buddies just had their identities stolen and sold on the black market. Then, to add icing to the hacker's cake, you just willingly gave him $20,000 to top up the money he will earn from selling the credit cards and social security numbers, because instead of finding a security expert, you chose to pay the ransom.

Please, just stop it.

 
  

Tuesday, February 23, 2016

Ransomware

This is an example of ransomware from wired.com. This is not the Department of Justice as the screen might indicate, but rather some blackhat who has infiltrated your system and is looking for an easy cash grab.
Imagine turning on your computer and discovering all of your keys are locked, except a couple of open boxes on a screen, telling you that before you can get access again, you must pay a fine.

This is what happened to the Los Angeles Hollywood Presbyterian Medical Center. The entire network was shut down and access would only be granted if they paid a ransom of $3.6 million.

You can see how ransomware has the potential to wreak havoc for anyone whose livelihood relies on a computer. It is malware that encrypts files and requires a key to unlock them. It can come into a network through a simple file attachment in an email.

Do not respond to the demands of these cyber hacks. First check out reputable sites, like Google FAQs, PC World, and, perhaps before anything else, your antivirus company, such as Vipre, Norton, or McAfee, to see what types of patches they have to remove this Trojan horse.

Most viruses hold your devices hostage but ransomware ups the ante with a payment demand. Now, just like a real-life kidnapping, paying the ransom doesn't mean the hacker will release your computer.

The best prevention is to play safe online. Top up your protection software and make sure it's current. Look at the link of a website before you click it to make sure it matches what you're expecting. For example, if you receive an email from Amazon advertising a product that interests you, in most cases you can mouse over the link in the email to see where it points before you click. But to be safe, go to the top of the browser, log directly into the account, and search for the product. Don't open unexpected attachments unless there is an explanation from a known sender, and don't open them at all if the email looks suspicious (even from a known sender). If a known sender sends you a file out of the blue, ask them whether they really sent it. When in doubt, don't open the attachment.
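The hover check described above can be run over a whole HTML email body at once. This is an added example, not part of the original post: `audit_links`, its helpers and the sample email are constructed for illustration, and the subdomain test is a plain suffix match rather than a public-suffix lookup.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit
SAMPLE = """<a href="https://www.amazon.com/dp/B000EXAMPLE">www.amazon.com</a>
<a href="http://amazon.com.account-verify.example/login">amazon.com</a>
<a href="http://203.0.113.7/track">See the offer</a>"""  # constructed sample; hosts and paths are made up

def host_of(text):  # hostname if text looks like a URL or bare domain, else None
    text = text.strip()
    if " " in text or "." not in text:
        return None
    try:
        return urlsplit(text if "://" in text else "http://" + text).hostname
    except ValueError:  # malformed URL, e.g. unbalanced IPv6 brackets
        return None

def within(host, domain):  # host is the domain itself or one of its subdomains
    return host == domain or host.endswith("." + domain)

def reasons_for(shown, href, expected):  # why a link is not what the reader expects
    target, shown_host = host_of(href), host_of(shown)
    if target is None:
        return ["href has no recognisable host"]
    reasons = []
    if not within(target, expected.lower()):
        reasons.append("target is not the expected site")
    if shown_host and not (within(shown_host, target) or within(target, shown_host)):
        reasons.append("visible text names a different host")
    return reasons

class LinkAuditor(HTMLParser):  # collects (href, visible text) for every <a> element
    def __init__(self):
        super().__init__()
        self.href, self.text, self.links = None, [], []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.href, self.text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self.href is not None:
            self.text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self.href is not None:
            self.links.append((self.href, "".join(self.text)))
            self.href = None

def audit_links(html, expected):
    parser = LinkAuditor()
    parser.feed(html)
    found = ((href, reasons_for(shown, href, expected)) for href, shown in parser.links)
    return [(href, why) for href, why in found if why]
```

Calling `audit_links(SAMPLE, "amazon.com")` returns only the links a reader should not click, each with the reasons it was flagged.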