How Hard Is It To Become A Cyber-Criminal?

According to a recent article on Naked Security, not at all hard.  While at Black Hat in Las Vegas, researchers from Sophos gave a presentation that dissected the “Philadelphia” ransom software as a service (SaaS) model.

Anyone can buy the Philadelphia ransomware kit on the Dark Web for $400.  And for this nominal investment, the would-be attacker gets a simple executable file that sets up the whole system automatically.  The package includes:

  • A command and control server (CNC or C2) to communicate with victims and manage operations, including statistical analysis and payments from victims.
  • Samples of ransomware phishing emails, and the ability to create and customize these emails.
  • This kit comes with a number of additional features and capabilities.
    • Mapping victims’ locations on Google Maps
    • A “give mercy” feature in case you need to undo an attack for some reason
    • The ability to customize the extortion notice
    • A feature called Russian roulette, that deletes some files after a certain time frame to motivate victims into making quicker payment.

If you want all the details, click over to Naked Security for the full story.

To protect yourself from this and similar exploits, we recommend:

  • Don’t open unexpected attachment without confirming the attachment with the sender, or forwarding the email and attachment to VirusTotal for analysis.
  • Don’t enable macros for document attachments or document links in emails. Macros are disable by default for security purposes, and enabling macros can open the door to malicious software installation.
  • Backup your documents and store a copy off-site, so if your documents are encrypted by ransomware, you can restore from your backup.
  • Install Microsoft and other software updates to close security holes as they are discovered.  Both the recent WannaCry and Petya/Non-Petya exploits can be prevented by a Windows update released last March.
  • Use Sophos Intercept X, a security applications specifically designed to recognize and neutralize ransomware attacks.  This is a product we recommend to our clients.

 

0

About the Author:

Cybersecurity guru to business owners in the St Paul, Minneapolis, and western Wisconsin area. Computer security and hacking have been a passion of mine since I entered the computer and networking business in 2000. In 2013 I completed a course of study and certification exam to become a Certified Ethical Hacker (CEH). In 2016 I was certified as a Certified Information Systems Security Professional (CISSP). As Senior Cybersecurity Engineer at Computer Integration Technologies, I help our clients experience high levels of computer security, network security, and web site security. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also provide Cybersecurity Awareness Training for clients and their employees. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. The views expressed on this Web site are mine alone and do not necessarily represent the views of my employer.

Add a Comment