The square mile of the City of London is known throughout the world as the heart of the UK’s trading and financial services industry. Although only 7000 people actually live in the city, a whopping 300,000 people commute there to work every day. Recently, a rise in the use of ransomware is seeing those financial sector employees beset by a sudden rush of attacks. The aim of the cyber criminals? To extract as much cold hard cash from the well-paid finance employees as possible.
This is a robbery!
According to the cybersecurity firm Malwarebytes, the City of London is being attacked with the malicious malware at far higher levels than the rest of Europe. With huge flocks of people reporting that their devices are being completely locked up unless they agree to pay an exorbitant sum.
Where there is money there are also hackers, and sadly these days the sharing of hacking tools online is leading to an explosion of hacking worldwide. A growing army of cyber criminals that are largely motivated by the same thing: Dollar signs flashing in their eyes.
In the US, employees of the financial sector who work on Wall Street are having the same problem. Thanks to the rise of Bitcoin – and the relative ease of getting hold of them – the last year has seen quite the spike in attacks. With people having their phones, tablets, and laptops encrypted unless they agree to pay up a Bitcoin ransom.
Ransomware: Why Bitcoins?
Bitcoins are the preferred medium for receiving the ransom because of the way that they can then be laundered using Bitcoin tumblers or washers. Bitlaunder.com, for example, promises to quickly and easily,
‘Anonymize your bitcoins so that transactions and payments cannot be traced back to you.’
The sums that people’s devices are being held for are also skyrocketing. Whereas in the past people were being held up for an average sum of around $200, people in the City of London and Wall Street are being held for between $500 to $1000. Combine that with the fact that ransomware attacks have quadrupled since last year and you begin to understand the problem.
The rich target
It is not just rich finance sector workers either, anybody with money could be a target. In April of this year, Dave Winston – crew chief at the Circle Sport-Leavine Family Nascar team – had all his word documents and spreadsheets encrypted with ransomware. His systems stayed scrambled until he paid a ransom of $500 (in Bitcoins).
Malwarebytes, who monitored ransomware attacks throughout Europe for a year, says that people working in the city of London are suffering from much higher levels of attacks than elsewhere. Proof that the hackers are specifically targeting those people that they know can afford to pay up.
According to the cybersecurity firm, the City of London suffered from around 10,500 ransomware attacks over the last 12 months. That is a staggering 670% more than the second biggest target in the UK: The city of Manchester. With such a remarkable difference between attacks in the no.1 and no.2 most affected locations, nobody could deny that the Square Mile is being specifically victimized.
In August the CEO of Malwarebytes, Marcin Kleczynski, revealed that because of the explosive nature of ransomware attacks, many Banks have been stocking up on Bitcoins just in case they are attacked,
‘I talked to a couple of banks and they say they have 50-100 bitcoin ready at all times in a wallet to deploy if a ransomware attack hits.’
That behavior appears to sum up the feeling of hopelessness that Ransomware brings about in most people. Especially when the data that has been held-up on the encrypted system is needed back immediately.
What should you do?
So what do we know about ransomware and how can people attempt to protect themselves?
According to recent figures, as many as 43 percent of types of malware can be used to deliver ransomware. With the most commonly employed kinds being File Cryptor, File Locker, Trojan Ransom, TeslaCrypt, Cryptowall, WildFire, Chimera, Shade, CoinVault, Rannoh and Rakhni.
Solutions for enterprise
Luckily, cloud security firms are starting to add ransomware recovery to their arsenal of recovery tools. Netskope, for example, is in the process of implementing a solution that rapidly fixes the effects of an attack without victims having to cough up any ransom money.
The solution works by containing the active ransomware infection, before quickly restoring back to unaffected versions of the encrypted files.
Tougher for individuals?
While that solution may be suitable for enterprise, people working in the City or Wall Street may be more interested to know about a few free solutions that have been having moderate success.
Free ransomware decryption tools are part of the No More Ransom project, a joint venture started by Europol, Intel Security, and Kaspersky Lab and the Dutch national police. So far the program has helped around 2,500 people to decrypt their devices without having to pay a dime. A free solution for victims that it is believed to have cost cyber criminals a massive $2million in the first three months alone.
Yesterday, Europol announced that a further 13 countries have joined the project. The new member countries are Bosnia and Herzegovina, Bulgaria, Colombia, France, Hungary, Ireland, Italy, Latvia, Lithuania, Portugal, Spain, Switzerland and the United Kingdom. Europol hopes that by working more closely with both the private sector and member countries, more success stories about tackling ransomware may become the norm in future.
Anybody who is currently suffering from a ransomware attack on their device is strongly recommended to check out the project’s site for advice. In addition, you can take a look at our guide here.