Security researcher warns "future is extortion" as cyber-criminals target SMEs

Sitting in the F-Secure Labs in Helsinki, Sean Sullivan, security researcher at F-Secure warned that the "future is extortion" as cyber-criminals target small-to-medium size enterprises for high returns.

Security researcher warns "future is extortion" as cyber-criminals target SMEs
Security researcher warns "future is extortion" as cyber-criminals target SMEs

Sitting in the F-Secure Labs in Helsinki, Sean Sullivan, security researcher at F-Secure warned that the “future is extortion”. Referring to a significant rise in ransomware attacks by organised crime gangs, he warned that ransomware operations have become ‘slick', so much so their customer support could be viewed as ‘enterprise' grade.

Operating in 156 countries in the world, scanning 300,000 URLs a day for malicious activity, scanning over 450,000 samples a day and ploughing through over 6,000,000 online reputation queries daily, Sullivan and his team are seeing a significant rise in ransomware attacks. 

He attributes the rise to people being too busy and too distracted by daily life to pay attention to the warning signs. 

“If you get an email from Amazon saying your order has been cancelled after ordering something, you won't want to question if the email is real, you would rather check what is going on,” Sullivan explained. 

He attributes this kind of behaviour to people not being trained – not in how to use the programs but how to spot and avoid common indicators that an email might be part of a phishing campaign. 

It's mistakes like these which open them up to attacks.

Sullivan went on to say that “if you have the IT skills, making malware is an economically sound decision”. For organised criminals, ransomware like Gameover Zeus can be highly lucrative. 

The group behind Gameover Zeus attempted to revive the money-stealing malware – originally called Gameover – within a month of police shutting down the original operation. Much of the same code was found to be in use and the malware was aimed at UK users.

According to Sullivan, the gang called “Business Club” are the Eastern European organised cyber-crime group behind “Gameover ZeuS”, with the FBI accusing them of stealing more than $100 million worldwide. 

They are currently wanted by the FBI and have an arrest warrant out in their name, and Evgeniy Mikhailovich Bogachev, a Russian man the FBI believes is responsible for building and distributing the ZeuS banking Trojan has a $3 million (£2 million) bounty out for his arrest.