Authorities battle rising tide of ransomware

British businesses are increasingly paying online extortionists rather than reporting attacks to police, as authorities struggle to respond to the growing threat of so-called “ransomware”.

Ransomware uses encryption to lock users out of digital files until they pay a monetary ransom, often in bitcoin, for a key. Global ransomware cases increased by almost 170 per cent in 2015, with the UK “disproportionately hit,” according to Intel Security.

More

On this topic

IN Technology

However, an analysis carried out for the Financial Times by ActionFraud, the UK’s national fraud and cyber crime reporting centre, showed the number of cases reported to UK police declined by 16 per cent in the same period.

Ransomware is usually spread via malicious emails, but once it has infected a network it cannot be removed like a traditional virus.

Security experts fear that targets are likely to simply pay hackers to recover files rather than spend time reporting the crimes to authorities. Well-encrypted files cannot be unlocked unless police can find the criminals’ control servers, which are generally hidden and could be anywhere in the world.

Raj Samani, chief technology officer for Europe, the Middle East and Africa at Intel Security, said “ransomware attacks are rising at an alarming rate and show no signs of slowing down”.

“Ransomware services are surprisingly easy to find online at very low cost, enabling even the most amateur criminals to attack both businesses and individuals,” he added.

Criminals initially focused on individual consumers, but they are now targeting businesses and government organisations with higher ransom demands.

Earlier this year Lincolnshire County Council’s IT systems shut down for almost a week when it refused to pay a ransom demand.

In the US, which sees the highest number of attacks globally, a Los Angeles hospital paid $ 17,000 after attackers blocked access to its electronic medical records.

Detective Chief Inspector Andy Fyfe, from the City of London Police’s National Fraud Intelligence Bureau, described the rise of Ransomware attacks as “a significant problem” both in the UK and abroad.

Small and medium-sized businesses, which are likely to have weaker security buffers and less regular data backup systems, are particularly threatened by the attacks.

A February report about ransomware by Bitdefender, an internet security company, found that almost half of the victims surveyed across Europe and the US have paid extortionists to recover data, even though there is no guarantee files will be returned.

Security groups and police forces both say paying ransoms sustains criminals’ business models — the Cryptowall family of encryption malware generated an estimated $ 325m last year, according to the Cyber Threat Alliance, a group formed by security companies such as Intel.

Officials have admitted the difficulty of fighting the threat, with one FBI agent in the US telling a conference last year that encryption has become so advanced that “to be honest, we often advise people just to pay the ransom”.

A spokesperson for the UK Home Office encouraged users to report attacks to police. “We are working with industry [participants] to improve cyber security standards, taking steps to improve consumers’ awareness of steps they can take to protect themselves online, and working with law enforcement to ensure crime is investigated and offenders punished,” it said.

Copyright The Financial Times Limited 2016. You may share using our article tools.
Please don’t cut articles from FT.com and redistribute by email or post to the web.

Europe homepage

About The Author