Tuesday, 10 November 2015

Victims Learning Even Hackers Make Coding Mistakes

We have come to think of hackers as being coding geniuses who never get anything wrong. Yet to the dismay of some victims, we are learning that even the best hackers make coding mistakes. A case in point is a recently discovered variant of Power Worm.

Power Worm is a piece of malware also known as ransomware. Those responsible for creating ransomware have developed a model of hijacking websites and databases and then holding them hostage, electronically speaking, by using encryption to lock owners out. Only after owners pay a specified ransom is the data decrypted. In the case of Power Worm, however, decryption is easier said than done.

Experts say that a coding error in a new variant results in an encryption key being discarded once data has been encrypted. It matters not whether the victim is a single customer of a very large data centre or a corporate entity with its own cloud computing environment. Once the worm is planted and activated, any data within its path can be locked down with encryption. Security experts are warning people not to pay the ransom if hit by Power Worm or one of its variants.

Apparently, not all forms of malware have a coding issue. But there is no way to know once you've been victimised. Experts say that if the ransom is paid but the encryption key used to get data back had been disposed of, victims will have lost both their data and their money. It is far better to report being victimised by Power Worm to the authorities than to pay the ransom and hope for the best.

For the record, Power Worm and its variants primarily target Microsoft Word and Excel documents. But security experts are seeing new versions of the malware targeting larger data sets associated with other software applications.

Ransomware Big Business

In a world of expensive IT services and costly security initiatives, it may seem reasonable to pay one Bitcoin (approximately £250) to get back ransomed data and get on with the business of the day. But experts say it is exactly that thinking that is fuelling this segment of the cybercrime community. Ransomware is big business in which hackers are making money in volume. One Bitcoin here and another there quickly adds up to a lot of money.

According to a BBC report, the perpetrators of the well-known Crypto Wall ransomware and its variants have already racked up more than £215 million as a result of their activities. They are doing so one Bitcoin at a time. When businesses and other data owners acquiesce to the demands of ransomware creators, they are simply making the market for this kind of software more lucrative. And as with any other crime, a lucrative market will merely attract more players over time.

Hackers do make coding mistakes, as lots of people are now learning. Unfortunately, the Power Worm coding error means data potentially lost forever if ransoms are paid.

No comments:

Post a Comment