How the ransomware economy rips you off, part 1

Ransomware has its own economy, funded by you.

Ever wonder why ransomware has become so widespread these days? A ransomware infection in England shut down hospitals. Staff told patients that if they did not have an emergency, go home. The computers were not working.

That is because the publishers have found a way to collect money and avoid getting caught. At https://www.elie.net/blog/security/how-to-trace-ransomware-payments-end-to-end, Elie Bursztein tells us most people do not back up data. When ransomware encrypts and renders their files unavailable, victims have no choice but to pay the fee. Sometimes the ransomware publisher is honest and sends the decryption key. Sometimes not.

Elie Bursztein’s slideshow is at https://www.elie.net/talk/tracking-desktop-ransomware-payments-end-to-end.

Keeping this in mind, let’s see how not backing up your data works against you.

What happened.

Dick runs a medical billing office in Sacramento. He runs the business without any computer network consultants. He installs Microsoft’s free updates. He avoids buying virus protection or content filtering firewalls. “Unnecessary expense,” he says. I’m running a business here.

One day, he saw a popup.

Wanacry ransomware was a rude awakening for thousands.

The Wanacry ransomware found his computer and encrypted all his files. He could not open any documents, his practice management system or his financial package.

He was out of business.

What he did.

Dick opened a bitcoin account, bought $300 worth of bitcoin and sent them to an anonymous bitcoin address. Those credits actually transfer through several bitcoin accounts before getting “redeemed” by the mastermind. Dick luckily received a decryption key with instructions to decrypt his files.

The takeaway.

Dick is back in business. He told his neighbor what happened. The neighbor told Dick he brought it upon himself by maintaining weak security. It was inevitable that a company with security as weak as Dick’s would get hit. Do not be a dick. Make sure you have active and current virus protection. Make sure you have a firewall with a content filtering subscription. Make sure your users know how to vet a link before clicking. See http://cameronparkcomputer.com/secure/ for a free quiz and training.