In that case, victims end up getting blackmailed only on the basis of keeping the crooks quiet, not of getting their files back to get their business running again. In some cyberextortion attacks, criminals who have already stolen your data either skip the file scrambling part, or aren’t able to pull it off. The crooks typically threaten to sell your trophy data on to other criminals, to forward it to the regulators and the media in your country, or simply to publish it openly online for anyone and everyone to download and gorge on. That second layer of blackmail goes along the lines of, “Pay up and we promise to delete the stolen data refuse to pay and we won’t merely hold onto it, we’ll go wild with it.” The first layer of blackmail says, “Pay up and we’ll give you the decryption keys you need to reconstruct all your files right where they are on each computer, so even if you have slow, partial or no backups, you’ll be up and running again soon refuse to pay and your business operations will stay right where they are, dead in the water.”Īt the same time, even if the crooks only have time to steal some of your most interesting files from some of your most interesting computers, they nevertheless get a second sword of Damocles to hold over your head. (Today’s ransomware crooks often go out of their way to destroy as much of your backed-up data as they can find before they do the file scrambling part.) Scrambling all your files on all your laptops and servers across all of your networks means that the attackers can blackmail you on the basis of bankrupting your business if you can’t recover your backups in time. Local storage devices typically provide a data bandwidth of several gigabits per second per drive per computer, whereas many corporate networks have an internet connection of a few hundred megabits per second, or even less, shared between everyone. Just to be clear, in many, if not most, cases, the attackers scramble your local files too, because they can.Īfter all, scrambling files on thousands of computers simultaneously is generally much faster than uploading them all to the cloud. locked added on the end to rub salt into the wound), but utterly unintelligible to the apps that would usually open them.īut in today’s cloud computing world, cyberattacks where ransomware crooks actually take copies of all, or at least many, of your vital files are not only technically possible, they’re commonplace. Their files are left temptingly within reach, often with their original filenames (albeit with an extra extension such as. Victims of file-encrypting ransomware ironically end up acting as unwilling prison wardens of their own data. (Before cloud storage became a consumer service, disk space for backup was expensive, and couldn’t easily be acquired on demand in an instant.) The criminals ended up with complete control over your data, without needing to upload everything first and then overwrite the original files on disk.īetter yet for the crooks, they could go after hundreds, thousands or even millions of computers at once, and they didn’t need to keep hold of all your data in the hope of “selling it back” to you. As you can imagine, given that ransomware goes back to the days before everyone had internet access (and when those who were online had data transfer speeds measured not in gigabits or even megabits per second, but often merely in kilobits), the idea of scrambling your files where they lay was a dastardly trick to save time.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |