At the risk of giving undeserved kudos, I am going to write it: phishers are clever and tenacious.
On July 29, Microsoft released its latest generation of Windows operating systems, Windows 10. Within days, Internet security bodies such as the Cisco Talos Group began detecting widespread propagation of CTB-Locker (a variant of the CryptoLocker ransomware virus) targeting users of Windows 7 and 8, with the lure crafted to look like the free Windows 10 upgrade. Often delivered by email messages containing .ZIP attachments, the virus encrypts the user’s personal files and demands a ransom to make them usable again.
This type of event-conscious phishing campaign is much more alarming to me than blanket-type email spam that is loosely targeted or not targeted at all. It gives the perpetrators the advantage of exquisite timing and context to aid in fooling victims. It demonstrates that they are paying a lot of attention – significantly more attention, I fear, than consumers or business users working their way through the day’s emails.
There are a number of news and blog articles on the web that discuss awareness training, protection technologies, and recovery strategies for ransomware outbreaks. The aspect that irks me lately, though, is the motive.
Profit is certainly one: in 2012, Symantec Security Response estimated that CryptoWall perpetrators were extorting as much as $33,600 in ransom payments per day, with an annual estimate of US $5 million. This month, Symantec reported that between April 2014 and June 2015 the FBI’s Internet Crime Complaint Center (IC3) had received 992 CryptoWall-related complaints, from a mix of end users and businesses that collectively paid out more than US $18 million.
For a hardworking IT professional like me, these numbers make an unsavory topic downright nauseating. We are just beginning to guide customers through assessments of Microsoft’s newest platform offering, the legitimate one, which will not come in an email. In addition to the standard upgrade considerations of OS stability and application compatibility, the best use of my time is now at risk if a user inadvertently activates a debilitating virus on their network by deploying a false “upgrade” they received from a phisher.
I ponder whether other hacker motives may be deeper-seated; perhaps these individuals feel they have been wronged in some way, and aim to nebulously retaliate against helpless computer users. Or maybe they crave the feelings of power and control, or the sense of accomplishment it produces. Worst of all, most are international criminals who don't have to fear the repercussions of breaking the law since there is little to no risk of arrest.
But there is one thing I know for sure: regardless of the challenge, I will use my knowledge of technology for good, not evil.
Kyla Morse is a Help Desk Engineer at Systems Engineering where she and her team of colleagues continue to fix all that has been broken.