What Is Fake Ransomware and Should You Be Worried About It?
Barely a week goes by without data from a hospital, school, charity, or individual being held for ransom. Often, the data can be recovered unharmed if the victim pays a large, anonymous sum of Bitcoin to the criminals. But fake ransomware is even more insidious and dangerous. Here’s why.
How Does Ransomware Work?
In a real-life ransom, a kidnapper captures a person and holds them prisoner. The kidnapper then demands a large sum of money from their friends, family, employer, or government in exchange for their safe release. If the money isn’t forthcoming, kidnappers have been known to apply extra pressure by torturing their victim or even sending body parts through the mail.
Cybercriminals in the 21st century operate similarly, except instead of your best friend, mum, intern, or an unlucky tourist, it’s the data on your home computer or server that’s held hostage.
Usually, the first indication that you’ve fallen victim to a Ransomware attack is when youlog into your PC one morningand find all your data encrypted, with the only accessible file being a ransom note demanding payment—usually inBitcoin or some other cryptocurrency.
The scam is simple: pay the money and the criminals will send you a key with which you can unlock your files.
Depending on how the actor is holding your files ransom, there may be a timer which randomly deletes your files (rather like cutting off a finger) the longer you delay. Another pressure tactic is to release unencrypted versions of your files on the internet, which can be embarrassing to you and potentially dangerous if the files contain private information.
Often criminals subcontract parts of the work, employing a third party to provide penetration and encryption services.
While the US government, in anadvisory document related to ransomware, “strongly discourages all private companies and citizens from paying ransom or extortion demands”, handing over the cash is often the quickest and least painful way of recovering your data.
What Is Fake Ransomware?
Ransomware attacks have been carried out since at least 1989. Many computer users and organizations have come to expect that paying the ransom usually allows them to swiftly recover their files. In cases where proprietary information, customer details, or people’s lives are at stake, this can be the quickest way to get up and running again. Organizations can then pour additional resources into strengthening network defenses to resist this kind of attack.
Now more criminals have realized that ransomware is a profitable venture and are setting out to extort money without delivering on the promise to return the stolen data.
At first glance, there’s no way to tell fake ransomware apart from real ransomware. You wake up, grab a cup of tea, and turn on your PC. Oh no! Your files are encrypted and there’s a menacing text file telling you to send Bitcoins or face the inevitable destruction of your data.
But sending the funds is the last interaction you’ll have with the criminals. They’ll disappear, laughing, into the night, and leave you with no way to unlock the encrypted files on your computer. You’ve lost the ransom and the data. This isn’t the worst possible outcome though—the criminals may still release all or part of your data onto the web.
Why Does Fake Ransomware Exist?
Encrypting data takes time, and maintaining a channel of communication with the victim is risky. You could go to the police or the FBI, and while the chances of the criminals actually being caught are very slim, sending the decryption key to unlock your files can actually increase the odds that someone discovers their location.
It’s far easier for criminals to take the money and run. This will doubtless annoy different criminals, as it erodes trust in their “honest” ransomware business model.
You Should Never Pay Ransomware Demands
When you receive a ransomware demand, you should ignore it. If it’s critical business data, you should have backups, and if your home computer is being held to ransom, wipe it and install a new copy of your OS. If you pay the ransom, there’s no guarantee that your data will be decrypted.
Money raised by ransomware goes to funding more criminal activity. Instead, use the ransom money to beef up your computer security so this doesn’t happen again.
Windows 11 is definitely better than its predecessors when it comes to security. Here are some ways to dial it up even more.
My foolproof plan is to use Windows 10 until 2030, with the latest security updates.
Not Linux, not Windows. Something better.
My iPhone does it all, but I still need my dumb phone.
The fix was buried in one tiny toggle.
When your rival has to bail out your assistant.
