When it comes to cyber-crime, holding data for ransom is not a common form of attack on enterprises. The recent hack of a Virginian state Website is a reminder that ransomware and other schemes can still be viable ways for cyber-crooks to try to make a dollar.
The PC Cyborg Trojan appeared on the scene back in 1989, encrypting files on
the C drives of infected users. It then prompted them to contact the PC Cyborg
Corporation and pay a fee to have their files decrypted, marking what is
considered to be the first piece of ransomware in the wild.
20 years later, a hacker has attempted a similar scam, this time breaking into
the Virginia Prescription Monitoring Program's Website and demanding payment in
exchange for access to data on more than 8 million patients. According
to Wikileaks, the attacker or attackers put a message on the Website April
30 stating that the database of prescriptions had been placed in an encrypted,
password-protected file. To get it back, the state must cough up $10 million,
according to the demand.
at a time when botnets are quietly stealing mountains of financial and
corporate data and slinking off into the cyber-crime
underworld, data being kidnapped and held for ransom is not among the top
threats enterprises should be worried about, security pros say. Truth be told,
the biggest threats are the ones that attempt to leave
no trace for victims to pick up on.
hacking definitely occurs somewhat regularly, but I'd consider it far lower on
the risk ledger than most kinds of cyber-crime," said Rich Mogull, an
analyst with Securosis. "It's far higher risk to the bad guys than quietly
stealing data and selling it on the black market."
added, "I don't think this was ever a hugely popular form of attack, but
it's one that draws a lot of attention the few times it happens."
common are incidents of researchers attempting to blackmail companies or
vendors when they find a vulnerability in software, but even those schemes have
declined in popularity, Mogull said.
there is no shortage of people looking to exploit vulnerabilities to either
steal data or rope users into scams to buy rogue anti-virus software, and the
profitability of those activities may make a high-profile extortion or
blackmail attempt less attractive to black hat hackers. Or, as McAfee's Dave
Marcus suspects, the deterrent may just be the threat posed by
additional interaction with the victim.
schemes "were never hugely common-meaning they probably never took off,"
said Marcus, director of security research and communications at McAfee
Avert Labs. "It might be reasonable to assume that it was always
easier to steal and sell data. By communicating with the victim, it seems to
create much more of a chance of being caught."
there was a conviction in the case of the PC Cyborg Trojan, tracking
cyber-criminals remains a notoriously difficult proposition for law
enforcement. However, according to a report
by CBS News, the FBI is investigating the case in Virginia.