Protecting Yourself from Ransomware

Posted on Jun 20, 2013

Malware has infected everything from personal computers to large corporate servers. But the latest malware threat comes with big backers from the movie industry. Ransomware is malware that infects a computer, locking all functions and files until a given action or request is satisfied. Such malware, like rootkits, hides on computers and is very hard to scrub. Unfortunately, lobbyists are currently urging lawmakers to adopt policies that would legalize infecting devices suspected of piracy with corporate ransomware, without proof that the device was actually used for piracy.

Recent research has shown that once installed, malware can be remotely triggered and controlled through a wide range of methods, from visual cues that tap smartphone cameras to audio triggers. This dangerously turns user devices into spyware that can be used to exploit unsecured private information. And for workers who enjoy Bring Your Own Device (BYOD) policies at work, hackers could use a worker's address book, applications, and GPS to mount a tailored phishing attack aimed at cracking corporate desktops and networks. As Marian Merritt, Internet safety advocate for Norton, says, “Information about where you go and who you see – it could have value [to criminals]”.

Despite the dangers of malware, the Commission on the Theft of American Intellectual Property (TCOTAIP) is recommending the legalization of corporate malware, or ransomware, as a proactive defense measure against pirating. This commission is made up of seven former tech CEOs and bureaucrats including Dennis C. Blair and Jon Huntsman. In a recent recommendation to the U.S. government, the TCOTAIP laid out suggested solutions to combat state-sanctioned hacking from China, but such solutions would ultimately extend to any kind of file sharing of copyrighted material.

One of the suggested solutions reads as follows:

Software can be written that will allow only authorized users to open files containing valuable information. If an unauthorized person accesses the information, a range of actions might then occur. For example, the file could be rendered inaccessible and the unauthorized user’s computer could be locked down, with instructions on how to contact law enforcement to get the password needed to unlock the account.

Ultimately, this means that corporations would be able to preemptively infect suspected devices with ransomware without obtaining oversight or having to prove piracy. This would be just like seizing the house and assets of a suspected petty thief before taking the thief to court.

The current recommendation calls for a change to standing U.S. laws to allow the spread of such legalized malware:

While not currently permitted under U.S. law, there are increasing calls for creating a more permissive environment for active network defense that allows companies not only to stabilize a situation but to take further steps, including actively retrieving stolen information, altering it within the intruder’s networks, or even destroying the information within an unauthorized network. Additional measures go further, including photographing the hacker using his own system’s camera, implanting malware in the hacker’s network, or even physically disabling or destroying the hacker’s own computer or network.

That’s right, the recommendation calls for legislation that would allow a company to “destroy” your computer or network without proving criminality. Even more disturbing is language in the recommendation that seems to suggest that oversight of copyright enforcement be given to the National Security Agency. This would take such matters out of the domain of civil courts, rebranding copyright and patent issues as national security concerns:

Designate the national security advisor as the principal policy coordinator for all actions on the protection of American IP. The theft of American IP poses enormous challenges to national security and the welfare of the nation. These challenges require the direct involvement of the president’s principal advisor on national security issues to ensure that they receive the proper priority and the full engagement of the U.S. government.

BYOD & Ransomware

For businesses, ransomware has the potential to add a greater degree of danger to Bring Your Own Device policies. BYOD policies have become the latest rage for businesses looking to offer their workers greater mobility and flexibility while taking advantage of better workflow and productivity. But non-secure BYOD policies could leave sensitive company information vulnerable to malware infections and even ransomware if the TCOTAIP’s recommendations end up influencing legislation. Imagine a worker who brings a personal laptop full of pirated music or shows to work, only to have the company’s network identified and shut down as a potential source of pirating. SMBs can guard against both malware and the prospect of ransomware by engaging in proper endpoint management as well as using a third-party cloud provider for secure data storage.

Choosing the right third-party cloud service can be difficult, as many cloud services on the market have security gaps that leave private data vulnerable to third-party attacks. One cloud service provider that sets itself apart from the rest of the market is SpiderOak. This private cloud service offers all of the benefits of cloud storage along with 100% data anonymity.

SpiderOak protects sensitive data through two-factor password authentication and 256-bit AES encryption so that files and passwords stay private. Two-factor authentication is just like the process used by some financial services that require a PIN as an extra precaution along with a password in order to log in. With SpiderOak, users who choose to use two-factor authentication must submit a private code sent by text message along with their unique encrypted password. Users can store and sync sensitive data with complete privacy, because this cloud service has absolutely “zero-knowledge” of passwords or data, and plaintext encryption keys are stored exclusively on approved devices. SpiderOak’s private cloud services are available for businesses and individuals on Windows, Mac, and Linux platforms, along with Android and iOS mobile devices.
