It has been reported that detectives from the Police Central e-Crime Unit (PCeU) have arrested three people in connection with using ransomware to blackmail people. It has been alleged that computer users were targeted and led to believe that they were required to pay a fine as part of an ongoing police inquiry – with the hackers using a popup page containing the Metropolitan Police logo to force users to pay up to £100 to retrieve the data on their computer.
It has also emerged that cybercriminals in the US are also adopting this tactic, using the FBI’s logo to trick and then defraud users.
Paul Davis, Director of Europe at FireEye has made the following comments: “With more people waking up to the realities of spear phishing and other methods of attack on their data – ransomware is looking like the next logical step in social engineering. And that is a very frightening prospect indeed. While this type of scam has been around for quite some time, recent incidents on both sides of the Atlantic suggest that hackers are increasingly making it part of their ongoing quest to capture valuable data. Worryingly, the panic created in people who happen to visit the wrong website at the wrong time could make them succumb to the financial demands of cybercriminals simply to avoid embarrassment.
“Though it is arguably a scam targeted at consumers, ransomware can easily find its way onto the corporate network – paving the way for larger-scale attacks against organisations. With employees increasingly browsing social networking websites and opening email attachments from strangers, they are fast becoming a real threat to IT security – after all, it takes just one person to click the wrong link for malware to infect the entire system. The information that is harvested and held to ransom can then be sold on to other hackers who really know how to use it.
“As with all sophisticated, elaborate IT security threats, the only way to ensure the most robust protection for the corporate network – without imposing a blanket ban on personal internet use – is for organsiations to have a comprehensive security solution in place across the entire IT estate. It’s been said time and time again that traditional perimeter solutions are not strong enough to fight the calibre of threats that we are seeing today, and advanced security tools must be used to protect all potential vectors of attack. Only then can IT teams be sure that all bases are covered, even in the event that one employee slips up.”