11 Oct 2017
If you’ve seen any action movies, then you’ve seen it before. The hero is stabbed or impaled and left for dead by the bad guy, but somehow they gather enough will to live to pull out whatever is inside them and save the day. That’s the movie version. In real life, though, when someone is stabbed the last thing you want to do is pull the knife out, because not only will the knife do more damage on the way out, it will also open the wound, which means the person has a much greater chance of bleeding to death. Just like a stab wound, low-level ransomware can be stopped if you know what to do right after you’re infected. But if you have no idea what to do and just do the first thing that comes to mind, like paying the ransom (a.k.a. pulling the knife out), then you might do more harm than good.
In 2016, a ransomware called Jigsaw began popping up on cybersecurity experts’ radars. The malware got its name because the screen that appears after the data has been encrypted shows a picture of the puppet from the Saw films, along with a message saying to pay .04 Bitcoins ($150) within an hour or thousands of your files will be deleted, and every hour after that thousands more will be deleted. If you try to restart your computer then, you guessed it, another thousand files will be deleted. If you haven’t heard of Jigsaw, you’re probably wondering why such malicious malware hasn’t been in the news. The answer is that the designers made it so poorly that there are now multiple ways to beat it. Imagine, though, that you’re a scared employee, or that the first time you ever heard of ransomware was when Jigsaw took over your computer. You might do something like pay the ransom, which in this case is the same thing as pulling the knife out thinking you’re helping. Not only are you losing money, but there is no guarantee that the hackers will give you back your data or that they even have it.
At the RSA security conference in San Francisco this month, James Lyne, the global head of security research at Sophos Labs, said that more and more ransomware variants include timers like Jigsaw’s, and some even shred the files without telling the victim while still asking for the ransom. Last year, Ranscam was one of these ransomware variants. Like regular ransomware, Ranscam demands a ransom, but by then it is too late, because the files have already been destroyed and are impossible to recover. Security experts believe that the hackers behind Ranscam simply didn’t care to decrypt the data, so they deleted it and hoped to get their ransom. Just like Jigsaw, there’s no reason to pay a ransom to Ranscam. Unfortunately, if it’s on your screen then your files are already gone, but you can save yourself the frustration of paying the ransom and getting nothing in return by investing in your cybersecurity knowledge. Simply reading a cybersecurity blog could save you time and money in the future. Take Jigsaw, for example. If you don’t know about it, you’ll feel pressured by the ticking clock to pay the ransom, but just a little bit of cybersecurity awareness would save you from pulling the knife out and paying the ransom.
You don’t even need to be an expert to save yourself from making these mistakes. Simply knowing who to contact and what to tell them after you’ve been attacked can be the difference between a scare and an attack. Invest in your cybersecurity awareness and stop yourself from pulling out the knife.