Pick any news source, from the mainstream news outlets to publications targeted to technology folks, and no one can argue that 2014 was not unprecedented in terms of malware and cybercrime exploits. These statistics, combined with the vast numbers of mobile devices and the Internet of Things are unsettling. Every year, the pundits preach the same cautions and best practices so why are we losing to the criminals?
My view, by analogy to the biological world, is that criminals are adaptive in much the same ways as bacteria and viruses are in microbiology. Scientists develop an antibiotic to kill the latest superbug, and the bacteria mutates ad renders the antibiotic ineffective; and so continues the cycle. Also, no matter how much we cover our mouths when we sneeze and wash our hands, many of us still come down with the cold and flu each year, just as many of us are victimized by malware despite running ant-malware software and relentless patching.
Two trends which concern me a great deal are the magnitude of mobile devices and ransomware. While malware affecting mobile devices and ransomware are not new, convergence of the two merits serous attention an action.
Ransomware is not about theft; it is about extortion and destruction. By threat and intimidation, the cyber terrorists (yes, they are terrorists and not mere criminals), extract money from their victims or else valuable property will be destroyed forever. This is accomplished by gaining access, and then encrypting the data so that it cannot be used until the ransom is paid. Of course, following all best practices and guidelines for protecting our information assets will help reduce our risk of falling victim to these exploits. However, there is a big difference when protecting ourselves against ransomware verses protecting ourselves from cyber theft.
The term irreplaceable is the relevant difference. Think about it for a minute and compare to the physical world. As an example, a kidnapper demands ransom, or else the hostage will be killed or harmed. Another terrorists threatens to destroy a one of a kind art masterpiece unless the ransom is paid. In both cases, we are dealing with irreplaceable assets; one human and the other an object. Neither the person nor the object can be duplicated.
With information assets, we have complete control because we can always maintain an offline copy of the data. If our data is not irreplaceable, the cyber terrorists lose their edge. Ransomware is worthless albeit aggravating as long as the data is not unique or irreplaceable.
Small businesses and individuals are more likely to fall victim to ransomware as many do not routinely ensure that their data is backed up. Couple this vulnerability with weak defenses on smartphones and mobile devices and there is now a compound vulnerability which cyber terrorists can and will attack.
Besides practicing safe computing on our desktop as well as mobile devices, the best mitigation against falling victim to ransomware is to have a good and recent backup. If your data is not irreplaceable, there is nothing to hold hostage.