Be careful with hackers' kidnapping extortion
Small and medium enterprises should back-up data carefully if they do not want to become victims of "abduction" of hackers.
This is a warning from security vendor Kaspersky Labs, in addition to announcing a quarterly report on malware.
Record number
In that report, Kaspersky Labs confirmed the number of "kidnapping" malware (ransomware) - or malware that could collect, encrypt information and claim victims. pay a new sum to return the data. Moreover, encryption algorithms are also becoming more and more complex.
Kaspersky's statistics of the number of victims of ransomware software reached a record number in the second quarter of 2006. This type of malware first appeared in early 2005.
Encryption technology - Cat chasing game
Initially, ransomware only used simple encryption algorithms to "abduct" files and ransom. However, in recent attacks, ransomware software has emerged with RSA encryption technology and hackers have begun to use more complex password protection and file hiding solutions. .
Kaspersky argues that attackers and security firms are in a "cat-and-mouse" game - where security companies study cracking ransomware software and hackers who seek to apply code solutions more complex chemistry.
" There are still situations in which security companies cannot decrypt the kidnapped files, " said Davide Emm, Kaspersky's senior technology consultant. " In large companies, the IT department will often back-up data. That's why the threat is primarily aimed at small businesses and individual users, because of these. This object often does not pay much attention to back-up data issues . "
For example, the latest Gpcode ransomware variant has used a 660-bit encryption key. With this key code, the researchers believe that it will take at least 30 years to crack this code with a computer running at 2.2GHz.
Limit of technology
However, based on research, Kaspersky was able to crack the code and add protection measures to its security software.
While Kaspersky was able to crack the code, the researchers believe that encryption solutions have reached the limits of modern encryption technology today.
This means that if future attacks occur, we will be able to successfully break the encryption key. This means that victims of extortion abduction will have to pay to get their data back.
The author of Cryzip and Krotten ransomware software - the most popular ransomware software - has not been captured yet. However, even if they are caught, their work is still alive and well in hackers. Those who will further develop based on Cryzip and Krotten.
Ransomware will obviously be a headache for the security industry for a long time.
Hoang Dung
- The principle that every adult must know to prevent kidnapping children
- Hard to believe but true: Ants specialize in 'kidnapping children' to survive
- The 'survival' rule must teach your baby to avoid kidnapping
- Why do hackers like to wear hooded shirts, sitting in the dark?
- Information Security Department instructs how to handle emergency WannaCry extortion codes
- Ransomware, malicious software specializing in lock or file and then ask for ransom
- Not only blackmail, WannaCry malicious code can be deadly
- The most mysterious kidnappings of UFOs ever recorded
- Armrests against kidnapping
- The Word vulnerability helps hackers gain control of the PC
- Overview of Wannacry virus - The world's most dangerous malicious code
- 5 things you need to do immediately to prevent WannaCry malware