Ransomware infections expected to massively improve and infect in 2013

News by Dan Raywood

Ransomware infections will increase in 2013, as techniques and technologies increase in sophistication.

Ransomware infections will increase in 2013, as techniques and technologies increase in sophistication.

James Lyne, director of technology strategy at Sophos, said that instances of ransomware, where a victim receives an email or message informing them that their data has been encrypted and they must pay to get it 'unlocked', have 'exploded'.

Lyne said that while this is not a new concept, the quality of implementation has massively increased, with attackers encrypting files with public key cryptography.

“Before they encrypted with a key but we were able to figure the key out and unlock it by reverse engineering the encryption key, but now they use public key cryptography and post the results to a remote server,” he said.

Once a person is infected, the victim has two options: to pay the criminal money or to not respond, as there is a chance that the attacker has moved and have taken down the domain already.  said: “We are usually seeing thousands of pieces of ransomware when there were three or four pieces a few years ago, so it is a pretty big growth and we will see more in 2013.”

Lyne said that the average amount of a typical ransom is $300 to $400 but the worst Sophos had seen was where the victim was accused of doing something wrong and if they did not respond and pay they would send a password to the police with information of a file on the victim's computer that apparently contained child pornography and spam software. In instances such as this, Lyne said the ransom amount could be $3,000.

Recent statistics released by the Irish reporting and information security service (Iriss) and computer emergency readiness team (Cert) said that there had been an issue of ransomware, with six separate incidents targeting Irish businesses reported.

Irisscert chair and founder Brian Honan said: “We are aware of a number of victims here. We are working with other Certs in other countries to try and deal with this.”

Lyne said: “Now that cryptography is being used, it could be game over. We are used to cleaning up malware and getting your money back from the bank, but this doesn't work this way.”


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews