Menu
With ransomware on the rise, cryptographers take it personally

With ransomware on the rise, cryptographers take it personally

The security industry is not doing enough and it's going to get worse, they said

Some of the world's leading cryptographers are concerned about the increasing number of malicious programs that hold computers and mobile phones to ransom, in many cases by abusing the encryption algorithms they designed.

Despite law enforcement efforts to disrupt ransomware operations, the prevalence of such programs continued to grow last year, according to a report published Thursday by antivirus vendor F-Secure.

A family of ransomware programs known as Browlock, which impersonates police agencies and asks users to pay fictitious fines in order to regain control of their computers, was one of the top 10 PC threats during the second half of 2014, according to F-Secure's statistics. An increase was also observed among the ransomware threats for Android phones.

While Browlock only prevents users from accessing their desktop, there are other ransomware programs that are much more aggressive and hard to recover from. These threats include Cryptolocker, CryptoWall and CTB-Locker, which encrypt users' files with strong cryptographic algorithms, making it impossible to recover them in the absence of unaffected backups or without paying for the decryption keys.

In what is almost a testament to how audacious and effective these threats are, there have already been several cases of police departments being forced to pay criminals to decrypt their files.

"I think it's a very serious problem," said Adi Shamir, co-inventor of the widely used RSA cryptosystem, when asked about ransomware on a discussion panel at the RSA security conference earlier this week. "It's going to stay with us and we need to think about new techniques to stop it."

Shamir believes that ransomware is an area where the security community failed "in a miserable way," because there are no good products to protect against it. And this is just the beginning, he thinks.

Today ransomware can affect your PC or your mobile phone, but it's only a matter of time until your smart TV and other Internet of Things devices will also be held to ransom, he said.

That time is probably not too far in the future. F-Secure noted in its report the emergence last year of a ransomware program called SynoLocker that infected network-attached storage (NAS) devices made by a company called Synology.

Most file-encrypting ransomware threats use public-key cryptography, where the data is encrypted with a public key that's part of a public-private key pair. Recovering this public encryption key from infected systems does not help, because only the private key, which attackers retain on their servers, can be used to decrypt the data.

Public-key cryptography underpins some of the Internet's most widely used security protocols including SSL/TLS and GPG.

When introducing the topic of ransomware, the RSA panel's moderator, Cryptography Research President Paul Kocher, described it as "the pure evil incarnation of public-key cryptography."

MIT professor Ron Rivest, co-inventor of RSA with Shamir and Leonard Adleman, noted that while cryptography is used mostly for good, as most technologies, it can also be used for bad.

Despite knowing this, the abuse of the RSA algorithm by many ransomware programs, makes him feel "sort of like a mother whose son was brainwashed and left to become a jihadist in Syria," he said.

The ransomware problem is not restricted to attackers encrypting other people's data, said Whitfield Diffie, one of the pioneers of public-key cryptography. In order to do pull off a ransomware attack, criminals need to first penetrate someone's computer and use some sort of exploit, he said.

Once an attacker has that level of access on a system, even if the potential data loss problem is solved, they will find something else to blackmail the user with, he said.

Another thing to point out is that the ability of ransomware creators to extort money from users depends in part on anonymous payments, Rivest said. Anonymous communications between people is essential for democracy, but the value of anonymous payments is debatable, he said.

Most file-encrypting ransomware programs require payments to be made in Bitcoin.

The abuse of encryption algorithms is certainly not going to stop cryptographic research and advances. However, it will be interesting to see if the ransomware problem will make its way into the rhetoric of government officials, who are increasingly pushing for ways to bypass encryption so that police and intelligence agencies can perform lawful intercepts.

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags securityf-secureencryptiondata protectionmalwarefraud

Slideshows

Top 50 defining moments of the New Zealand channel in 2016

Top 50 defining moments of the New Zealand channel in 2016

Reseller News looks back on a tumultuous 12 months for the New Zealand channel, assessing the fallout from a year of sizeable industry change. Whether it be local or global mergers and acquisitions, distribution deals or job changes, the channel that started the year differs somewhat to the one set to finish it - Reseller News assesses the key moments that made 2016.​

Top 50 defining moments of the New Zealand channel in 2016
​Hewlett Packard Enterprise honours high achieving NZ channel

​Hewlett Packard Enterprise honours high achieving NZ channel

Hewlett Packard Enterprise honoured its top performing Kiwi partners at the second running of its HPE Partner Awards in New Zealand, held at a glitzy ceremony in Auckland. Recognising excellence across eight categories - from distributors to resellers - the tech giant celebrated its first year as a standalone company, following its official split from HP in 2015.

​Hewlett Packard Enterprise honours high achieving NZ channel
Nutanix treats channel partners to Christmas cruise

Nutanix treats channel partners to Christmas cruise

Nutanix recently took to the seas for a Christmas Cruise around Sydney Harbour with its Australia and New Zealand staff, customers and partners to celebrate a stellar year for the vendor. With the sun out, they were all smiles and mingled over drinks and food.

Nutanix treats channel partners to Christmas cruise
Show Comments