Hackers are finding even more ways to harm website owners, in a new report from security firm High-Tech Bridge hackers are switching encryption keys and then ransoming website owners for money.
The attack—known as "RansomWeb"—manages to take the current encryption keys and swap them with non-working numbers. In order for the website owner to regain control, they are forced to pay the hackers.
Encryption is the basis of modern internet security, but with this new hack it locks the website owner out and gives no way to get back in, without having even more security latched on top.
Even if the website owner sends payment over, there is no guarantee they will get the website back, or any guarantee that the attacker will not launch the same attack later.
“We are probably facing a new emerging threat for websites that may outshine defacements and DDoS attacks." Ilia Kolochenko, chief executive of High-Tech Bridge said. "RansomWeb attacks may cause unrepairable damage, they are very easy to cause and pretty difficult to prevent.”
These hackers wait for months until new patches of encryption keys are added, before locking out the website owner. This gives them full control over the website and allows them to implement old keys that are invalid.
Kolochenko claims this is a change in hacker identity, moving from chaos to financial motives. He believes the next slew of hackers will always look for ransoms and lock owners out, instead of simply defacing a website.
This was first seen on the Sony Pictures hack, when the apparent hackers sent ransom messages to Sony executives three days before taking the entire system offline.
The ever changing world of encryption makes it hard for security firms to properly defend customers, especially with this new RansomWeb attack. It may lead to firms like Google and Facebook offering security help for smaller sites, offering new encryption and security tools.