Ransomware is (almost) free money for cyber-crooks

The internet has changed the way people do business, and that has changed the way cyber-criminals do hacking. The expansion of online businesses and the ever-growing presence of cryptocurrencies has been seen, by cyber-crooks everywhere, as the golden opportunity to steal some cash and get away with it.

Writing for Ars Technica, Sean Gallagher says converting hacks to cash has become so easy, and so lucrative, that everyone has become a target.

He quoted Harlan Carvey, a senior security researcher at Dell SecureWorks, saying: “If you’ve got files, you’re targeted,” describing just how widespread cyber-attacks are nowadays.

And that’s mostly because ‘crypto-ransomware is low-risk with an increasingly high yield”. Employees area unskilled, untrained and not vigilant enough, paying little attention to what they’re clicking and downloading. Legacy systems with outdated security measures mean malware years old can still do tremendous amounts of damage.

Law enforcement is basically helpless – many incidents even go unreported. In some cases, businesses don’t report these issues as they’re afraid of losing customers and customer loyalty, as well as becoming a target of other cyber-crooks looking to get in on the action.

Gallagher rounds off his opinion by adding that it’s not just the Web that’s in deep, deep trouble. Mobile internet won’t go through this unscarred.

"The biggest problem I've seen—not unlike what you're seeing with JBoss—is companies who have deployed a mobile app and maybe don't realize that having a mobile app that gets information from a URI is putting an API on the Internet," said Greg Brail, chief architect at the application program interface (API) platform provider Apigee. "Or they may have realized what they're doing, but they didn't realize how easy it was to discover."

Image source: Shutterstock/Benoit Daoust