First Line of Defense: The Psychology of Ransomware

2 years ago

Text only:

This message contains graphics. If you do not see the graphics, click here to view.
View the Web version.
First Line of Defense
Your regular source of security updates from TrendLabs
June 30, 2016

The Psychology of Ransomware


Ransomware is grabbing headlines nowadays because it’s been effective at extorting money from end-users to small businesses and enterprises. We managed to predict its rise, too, with one of our published predictions last year stating that 2016 would be called the year of online extortion. But what makes ransomware so effective?

Like scareware, ransomware preys on psychological fear. But instead of fake warnings of system infection, ransomware locks user systems and encrypts files. Ultimately, ransomware takes advantage of people’s fear of losing crucial information.

We see this in all of the notable and financially-damaging cases, when the aggrieved parties chose to pay the ransom – some of which reached thousands of dollars– just to regain what the
"Since its inception, ransomware has capitalized on victims’ fear of losing data. To avoid giving in to that fear, an efficient backup system must be in place."
ransomware took. One example of this was when the University of Calgary paid over CA$20,000 to recover access to their encrypted files, which contained critical research data. We also note that despite having paid the ransom, the University did not regain access to their files at all.
And cybercriminals have developed ways to further capitalize on this psychological fear in order to convince users that paying the ransom is the best option. For instance, the JIGSAW ransomware would force users to pay the ransom within a 72-hour deadline. If the affected user failed to pay before the deadline, the ransomware would delete the encrypted files. Then there is also another strain of JIGSAW which aimed at shaming victims about their supposed ‘porn addiction’. CERBER,too, went this route by using voice clips to urge users to pay.

Like in the case of the University of Calgary, paying the ransom is not a guarantee that files will be returned. The only thing ransom payment does is opening more doors for cybercriminals to repeat the attack or encourage future attacks on other victims.

Since its inception, ransomware has capitalized on victims’ fear of losing data. To avoid giving in to that fear, an efficient backup system must be in place. We recommend the 3-2-1 backup rule (three backup copies, in two forms of media, with one stored off-site) as a great way to begin saying NO to ransomware. Having a robust security solution also goes a long way toward ransomware prevention, whether at work or at home.

For more details, you can check out the article, “Why Ransomware Works: The Psychology and Methods Used to Distribute, Infect, and Extort”.

We wish to thank our avid readers for making our newsletter their immediate source of threat and security-related information. As our valued subscribers, we wish to inform you of the new consumer newsletter we will be releasing soon. And we would love for you to check it out and subscribe here. Just the same, you may continue to follow our social media accounts and the TrendLabs Security Intelligence blog for security news.


Security Spotlight
Why Ransomware Works: Tactics and Routines Beyond Encryption

How does ransomware really work? We go deeper into the tactics used by the notorious malware authors and the routines that take place other than encryption. Knowing this his can help IT administrators understand what ransomware does and why it is.

Security for Home Users
FLocker Mobile Ransomware Crosses to Smart TV

Find out how mobile ransomware FLocker has crossed technological boundaries and has affected smart TV users in this investigative article.

Security for Business
Ransomware 101: What it is and how it works

What IS ransomware and how does it function? In this article, we provide information on the impact of this threat to businesses and end-users. We also share some tips on how to defend your systems against it.

© 2016 Trend Micro Incorporated




Deel deze nieuwsbrief op

© 2019