Tuesday, March 14, 2017

UK Gov’t Says Bitcoin Ransomware & Banking Malware Are Top Frauds

The National Crime Agency (NCA), a national law enforcement and police agency in the UK, officially announced that bitcoin ransomware and banking malware are top cyber threats against businesses and the public.

In the past 12 months, the vast majority of multi-trillion dollar industries, major corporations and even law enforcement agencies have fallen victim to sophisticated bitcoin ransomware attacks. As ransomware became more complex in structure and more technologically advanced, victims whose files had been encrypted had no other option but to settle the ransom in bitcoin.

Previously, DeepDotWeb reported that a new generation of ransomware has emerged. Ransomware like Popcorn or Locky utilize their unique technological characteristics to spread themselves more widely, at a much faster rate.

Once ransomware affects a computer or a device, files, images, and other types of data stored within the local database of the device or a server are locked. Most ransomware distributors set a time lock, usually a week, to pressure victims into paying the ransom and receiving a decryption key to unlock their files. If victims fail to make the bitcoin payment within the established time period, files and data can be deleted permanently.

Mike Hulett, head of operations for the NCA’s National Cyber Crime Unit (NCCU), admits that there isn’t a wide range of solutions a company or an organization can implement in order to prevent ransomware attacks. A viable solution would be to avoid accessing any unknown files, links, URLs or images on the web that could lead the browser to download malware which installs itself on a device or a server.

“There is not a lot organisations can do about the threat, but it is important that they make an effort to understand it. Keep yourselves up to date and aware of the potential threats to your organisations as well as about what is available to you to counter those threats,” said Hulett at the Cybercon 2017 event held in Plymouth.

He further noted that organizations should deploy multi-layered security measures on top of their existing IT infrastructures to protect data or information that could be valuable to both the company and hackers. Against ransomware distributors, the most practical prevention method would be to store corporate data or financial information in the cloud. By doing so, in the event of ransomware encryption, files or information that are important to the organization aren’t affected. To recover, organizations can simply format the computers or devices and restore data by accessing the cloud.

Against banking malware, Hulett states that it is crucial for banks, financial institutions and corporations to investigate the theft of financial data more actively. In most cases, companies fail to recognize the theft or loss of valuable financial information until months after the initial hacking or malware attack.

“These are not necessarily the same thing, and often organisations that have been breached think everything is OK if no financial credentials have been stolen. But they may have lost a couple of hundred thousand usernames and passwords, which is valuable data that can be married up with other data, which means the company is not out of the woods yet,” Hulett added.

An example of a secure and reliable security system can be seen in most bitcoin wallet platforms. Popular bitcoin wallet platforms like Blockchain are non-custodial platforms, which don’t store user passwords or private keys. Only users have access to their private keys. Thus, in the event of a malware attack, hackers will not be able to obtain valuable information.