The election cycle in the US is a good example. It’s far more theater and entertainment than it is serious news, but the contenders have learned how to make their noise rise above the day’s news noise. That conflation means we miss some important news that gets buried. Here’s an example.
Pay Up. Or, Else
You can be forgiven if you haven’t heard the latest bad news to hit the technology industry. No, it’s not the FBI trying to hack into your iPhone. It’s a thing called ransomware. It’s a thing. And it’s dangerous.
A type of malware that restricts access to the infected computer system in some way, and demands that the user pay a ransom to the malware operators to remove the restriction. Some forms of ransomware systematically encrypt files on the system’s hard drive, which become difficult or impossible to decrypt without paying the ransom for the encryption key, while some may simply lock the system and display messages intended to coax the user into paying. Ransomware typically propagates as a trojan, whose payload is disguised as a seemingly legitimate file.
Ransomware is on the rise, a growing threat to companies and their IT systems, as well as to software vendors with applications that are notoriously, uh, well, easy to hack. Reuters on Adobe’s Flash:
The software maker urged the more than 1 billion users of Flash on Windows, Mac, Chrome and Linux computers to update the product as quickly as possible after security researchers said the bug was being exploited in “drive-by” attacks that infect computers with ransomware when tainted websites are visited.
Uh oh. Macs are on that list. In the case of the Flash ransomware, the malware encrypts data, locks up an infected computer, then demands a payment (which ranges from $200 to $600 for each infected device).
Those threats are real and growing in number, but that also means phishing attempts are growing in number, too. Think of it as ransomware that knows your email address. BBC News:
It’s incredibly fast and by the time the warning message had appeared on the screen it had already encrypted everything of value on the hard drive – it happens in seconds.
Part of the problem is that today’s computer systems, whether the Mac or PC you use each day or the so-called hardened systems run by large corporations, banks, or other agencies, are extremely complicated; they are complex to a fault, and all those layers of complexity breed opportunities for malware to take root and spread.
Last week, 10 Maryland hospitals made the news when they came under attack from ransomware, the so-called Samsam crypto-ransomware.
Analysis of other Samsam attacks shows that the most likely cause of the attack on MedStar is an improperly installed JBoss server. The installation appears to have used the default settings that left access to the server’s management interface open to the Internet. That sort of misconfiguration is what the JexBoss tool used by the Samsam ransomware operators leverages to install a remote command shell.
Complexity breeds vulnerabilities, which attract hackers who exploit them. Ransomware is the new malware that makes money for hackers.
Are Macs vulnerable? Yes. A.J. Dellinger:
Apple fans used to brag about how their operating system of choice was virus free. Now that Macs are more prominent, so too are viruses. The latest sign that Apple devices have become big enough to target: OS X ransomware found in the wild.
Researchers at security firm Palo Alto Networks first detected the ransomware, dubbed KeRanger, on March 4. The malicious software was found in a corrupted download for popular Mac BitTorrent client Transmission.
That one was fixed quickly and affected a limited portion of the Mac user base, but it’s the first of many such attacks that will come in the future. What can you do?
First, keep your Mac updated with Apple’s latest versions. Second, be careful about which websites you visit and which files you download. A few clicks on the wrong website URL or a free app download can cause plenty of misery and make you the news.