File Denied: The Ongoing Ransomware Crisis
April 5, 2016
The contemporary premise by which we lead our lives is that of a tech-based society. Nowadays, it is common practice to be accompanied by both small and large screens at almost all times. We do this in order to fulfill both professional and personal needs in ways that would have seemed like something out of a science fiction novel twenty years ago. We are relieved of some of the petty work that we once strained over: communication is a cinch, and updating ourselves on the latest current events is the easiest it has ever been (after all, isn't that what you're doing now?). Yet, despite all the good that living in this modern internet-based age affords us, we are also dealt quite a lot of newfound dangers.
Over the past few weeks, hospitals in California, Kentucky, Maryland, and the District of Columbia have been the subject of multiple malware attacks by anonymous criminal hackers and groups. In each case, patient data has been stolen and ransomed (typically in exchange for the internet-based currency called bitcoin), leaving the hospitals in shambles and, in some cases, causing them to turn away patients. After all, without any records to medically support their patients, hospitals had next to no means of treating those in need of health services. In February of 2016, a hospital in Los Angeles paid 40 bitcoins (the equivalent of $16,664) in exchange for patient data.
The hacker groups were able to commit their felonies by installing a certain kind of malware, commonly referred to as ransomware, that first encrypted files on the hospital servers. After the installation was complete, the hackers would hold all the data ransom in exchange for a decryption key. The files, when clicked on, would usually appear as decrypt.html or decrypt.txt as opposed to their original user-based titles. Hackers can run such software without the knowledge of the user because of the way that they install it. The virus is sent in an email (usually as an attachment in the form of a .pdf, .wrd, or other popular file medium), and once it is opened, the malware will begin installing in the background. The user is not notified until the full installation is complete, as was the case with the Maryland cyber attack, in which instance the hospital workers resorted to the classic alternative of using physical documents to supplement the many patients' needs. This attack was one of several attacks on MedStar Health hospitals, which theorists have speculated were specifically targeted. In all likelihood, these targeted hospitals all had similar systems that could be hacked by the same (or comparable) forms of malware/ransomware.
These malware attacks are not confined to hospitals, though. Just recently in March, hackers targeted Apple, employing ransomware that preyed upon the iMac operating system OS X El Capitan. In these attacks, Apple was quick to retaliate, stopping the hackers after only 6,000 computers had been infected and all the associated files held at ransom. Also in March, hackers attempted to deliver malware by placing it in multiple ad networks. This occurred on several major news circuits, such as the New York Times, the BBC, AOL, and the NFL. Once on a page with one of the infected ads, users would be redirected to a server hosting the malware. From there, it would be downloaded unbeknownst to the user and would begin encrypting the computer's files, leaving the unfortunate user at the mercy of whoever held the decryption key.
This defilement (pun not intended) of innocent citizens continues to be a massive problem within the country. Last year, the FBI reported that the United States lost over twenty-four million dollars to ransomware. Alas, while the future for a malware-free internet may seem dim, the government and countless other programmers are attempting to take a stand against the hacker threat. Ultimately, it seems that as we evolve as a race, the ways that we commit crimes and the ways we stop them will evolve alongside us.