{"id":6609,"date":"2017-02-13T14:31:26","date_gmt":"2017-02-13T22:31:26","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/02\/13\/news-428\/"},"modified":"2017-02-13T14:31:26","modified_gmt":"2017-02-13T22:31:26","slug":"news-428","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2017\/02\/13\/news-428\/","title":{"rendered":"Experts worry that ransomware could hit critical infrastructure"},"content":{"rendered":"<p><img decoding=\"async\" src=\"http:\/\/zapt4.staticworld.net\/images\/article\/2016\/03\/petya_ransomware_logo_1-100652676-primary.idge.jpg\"\/><\/p>\n<p><strong>Credit to Author: Michael Kan| Date: Mon, 13 Feb 2017 13:14:00 -0800<\/strong><\/p>\n<p>Expect ransomware to grow more aggressive in the coming years, including higher ransom payments and attempts to go beyond attacking data &#8212; by shutting down entire computer systems to utilities or factories.<\/p>\n<p>\u201cI see no reason for ransomware to stop,\u201d said Neil Jenkins, an official with the U.S. Department of Homeland Security. \u201cIt\u2019s shown to be effective.\u201d<\/p>\n<p>On Monday at the RSA cybersecurity conference, experts gave a grim outlook on the future of ransomware, which they fear will spread. Through the attacks, cybercriminals have already managed to rake in US$1 billion last year, according to <a href=\"http:\/\/www.csoonline.com\/article\/3154714\/security\/ransomware-took-in-1-billion-in-2016-improved-defenses-may-not-be-enough-to-stem-the-tide.html\" target=\"_blank\">one estimate<\/a>.<\/p>\n<p>The <a href=\"http:\/\/www.pcworld.com\/article\/3041001\/security\/five-things-you-need-to-know-about-ransomware.html\" target=\"_blank\">computer infections<\/a> work by first targeting the victim\u2019s data, and encrypting it. The ransomware will then threaten to delete the data, unless a payment, usually in bitcoin, is made.<\/p>\n<p>However, a key concern is that ransomware will start targeting critical infrastructure, said Jenkins, the director of the DHS enterprise performance management office.<\/p>\n<p>He pointed to the recent example of an <a href=\"http:\/\/www.theverge.com\/2017\/1\/30\/14438226\/hackers-austrian-hotel-bitcoin-ransom-ransomware\" target=\"_blank\">Austrian hotel<\/a> hit with ransomware that took out its keycard system for the hotel doors. Future ransomware attacks might try to lockdown control systems for a water utility, threatening its operations, Jenkins said.<\/p>\n<p>\u201cI worry that\u2019s going to be the next step,\u201d he said.<\/p>\n<p>Too many important computer systems are also connected to the internet&amp;nbsp;when they shouldn\u2019t be, said Gal Shpantzer, CEO of Security Outliers. Small businesses are also failing to properly segregate their computers from other processes, like a factory assembly line, he said. When a ransomware infection hits, it has the potential to shut down the entire operation.<\/p>\n<p>\u201cThat\u2019s where ransomware is going to go,\u201d Shpantzer said. \u201cI think it\u2019s inevitable. People are going to be injured or lose their life. This is starting to affect things that shouldn\u2019t be on the internet, or are physically moving.\u201d<\/p>\n<p>The hackers behind ransomware infections are also demanding higher and higher payments, some times over $40,000, said Jeremiah Grossman, chief of security strategy at SentinelOne.<\/p>\n<p>There have even been a few ransomware cases where victims had no choice but to pay over seven figures to recover their system, Grossman added, declining to provide details.<\/p>\n<p>\u201cBottom line, it\u2019s getting worse out there, and it will continue to do so,\u201d he said.<\/p>\n<p>Ransomware infections are already harassing small and medium businesses, according to Robert Gibbons, CTO at security provider Datto. His company conducted a survey that found 60 percent of its partners have experienced one to five ransomware attacks in the last year.<\/p>\n<p>The remainder had experienced over five attacks. &amp;nbsp;\u201cRansomware is still an epidemic,\u201d he said.<\/p>\n<p>Experts recommend that businesses and users frequently <a href=\"http:\/\/www.pcworld.com\/article\/3056907\/security\/how-to-stop-ransomware-backup-can-protect-you-but-only-if-you-do-it-right.html\" target=\"_blank\">back up<\/a> their data and also test to those backups to make sure they work. Security vendors have also <a href=\"http:\/\/www.pcworld.com\/article\/3150740\/security\/ransomware-fighting-coalition-adds-new-members-and-decryption-tools.html\" target=\"_blank\">published tools<\/a> that can free computers from some ransomware infections. &amp;nbsp;<\/p>\n<p>When an attack hits, victims may be tempted to pay the hackers the ransom. But Gibbons warned that one out of four times, the hackers still declined to decrypt the victim&#8217;s data, despite receiving payment.<\/p>\n<p><a href=\"http:\/\/www.computerworld.com\/article\/3169544\/security\/experts-worry-that-ransomware-could-hit-critical-infrastructure.html#tk.rss_security\" target=\"bwo\" >http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"http:\/\/zapt4.staticworld.net\/images\/article\/2016\/03\/petya_ransomware_logo_1-100652676-primary.idge.jpg\"\/><\/p>\n<p><strong>Credit to Author: Michael Kan| Date: Mon, 13 Feb 2017 13:14:00 -0800<\/strong><\/p>\n<article>\n<section class=\"page\">\n<p>Expect ransomware to grow more aggressive in the coming years, including higher ransom payments and attempts to go beyond attacking data &#8212; by shutting down entire computer systems to utilities or factories.<\/p>\n<p>\u201cI see no reason for ransomware to stop,\u201d said Neil Jenkins, an official with the U.S. Department of Homeland Security. \u201cIt\u2019s shown to be effective.\u201d<\/p>\n<p>On Monday at the RSA cybersecurity conference, experts gave a grim outlook on the future of ransomware, which they fear will spread. Through the attacks, cybercriminals have already managed to rake in US$1 billion last year, according to <a href=\"http:\/\/www.csoonline.com\/article\/3154714\/security\/ransomware-took-in-1-billion-in-2016-improved-defenses-may-not-be-enough-to-stem-the-tide.html\" target=\"_blank\">one estimate<\/a>.<\/p>\n<p class=\"jumpTag\"><a href=\"\/article\/3169544\/security\/experts-worry-that-ransomware-could-hit-critical-infrastructure.html#jump\">To read this article in full or to leave a comment, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[11073,714],"class_list":["post-6609","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-malware-vulnerabilities","tag-security"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/6609","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=6609"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/6609\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=6609"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=6609"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=6609"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}