How Hard Is It To Become A Cyber-Criminal?

According to a recent article on Naked Security, not at all hard.  While at Black Hat in Las Vegas, researchers from Sophos gave a presentation that dissected the “Philadelphia” ransom software as a service (SaaS) model.

Anyone can buy the Philadelphia ransomware kit on the Dark Web for $400.  And for this nominal investment, the would-be attacker gets a simple executable file that sets up the whole system automatically.  The package includes:

  • A command and control server (CNC or C2) to communicate with victims and manage operations, including statistical analysis and payments from victims.
  • Samples of ransomware phishing emails, and the ability to create and customize these emails.
  • This kit comes with a number of additional features and capabilities.
    • Mapping victims’ locations on Google Maps
    • A “give mercy” feature in case you need to undo an attack for some reason
    • The ability to customize the extortion notice
    • A feature called Russian roulette, which deletes some files after a certain time frame to motivate victims to pay more quickly.

If you want all the details, click over to Naked Security for the full story.

To protect yourself from this and similar exploits, we recommend:

  • Don’t open unexpected attachments without confirming the attachment with the sender, or forwarding the email and attachment to VirusTotal for analysis.
  • Don’t enable macros for document attachments or document links in emails. Macros are disabled by default for security purposes, and enabling macros can open the door to malicious software installation.
  • Back up your documents and store a copy off-site, so if your documents are encrypted by ransomware, you can restore from your backup.
  • Install Microsoft and other software updates to close security holes as they are discovered. Both the recent WannaCry and Petya/Non-Petya exploits can be prevented by a Windows update released last March.
  • Use Sophos Intercept X, a security application specifically designed to recognize and neutralize ransomware attacks. This is a product we recommend to our clients.

 


About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Serving small business owners in the St Paul, Minneapolis, and western Wisconsin area since 2001. Cybersecurity and hacking have been a passion of mine since I entered the computer and networking business in 2000. I hold several cybersecurity certifications including Certified Information Systems Security Professional (CISSP), Certified Advanced Security Practitioner (CASP), and Certified Ethical Hacker (CEH). Other computer industry certifications include A+, Network+ and Microsoft Certified System Engineer (MCSE). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of security on their computers, networks, and websites. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. We also provide Cybersecurity Awareness Training for clients and their employees. I am a frequent speaker at cybersecurity conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference, the (ISC)2 World Congress, and the ISSA International Conference, and many local community organizations, Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2008.
