Recent Ransomware Attacks and the Value of Information

In the last weeks there has been an increase of Ransomware attacks, or at least many more cases have become public, see for example this Arstechnica article and CheckPoint analysis.

In principle Ransomware is among the simplest malware possible: in its simplest form it does not require zero-day or other vulnerabilities, erroneous security configurations or absence of advanced security measures. It is enough to execute on the target machine some code, with the user’s privileges, which encrypts all user’s data.

All of us continuosly download data on our PCs, smartphones etc. by “surfing” the Web, receiving emails, interacting in social media etc. So spam campaigns, malvertising, drive-by downloads can easily deliver to any PC some Ransomware.

Whereas anti-malware, and in particular anti-ransomware, is often effective against it, the common security mantra of “patch, patch and again patch!” is not said to be that effective since ransomware in principle can avoid to exploit unpatched vulnerabilities.

But most important what is the target of Ransomware attacks?

Ransomware attacks remind us that computers manage primarily information, and the main purpose of the attack is to take hostage this information. What is it good for a computer system if all information it manages is removed and we remain only with the Operating System and the applications? Without a valid backup of the users’ information, most of the value of a computer system is lost, and thus the ransom is paid…

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.