According to Experian Cybercrime generates 1.5 trillion dollars every year. The hackers are making a fortune. They go after the low hanging fruit, why bother with anything else – when it is so easy to have your bots find unpatched computers, servers, and software. The scripts are not trying to out-think anyone, not when a simple dictionary attack will guess thousands of passwords an hour. The scripts randomly probe networks for computers that are running old unpatched software. The holes are well known and they gain control using the well-known holes.
They don’t need to steal your data
Gaining control of a computer that is connected to the internet is enough for the effort to be worthwhile. It adds a bot to their botnet. A bot is short for robot, and it is a computer that robotically follows the scripted plan to find other vulnerable assets. A botnet is a network of bots under control all working to find more bots and vulnerable computers. Lists of vulnerable computers are available for sale to other hackers on internet sites that function similarly to eBay but are generally hidden from public view.
One vulnerability is blood in the water
Once the bad actor has control, they may try a ransomware exploit right away or have their software invesitgate the computer further to decide what is most profitable. A target that has one security hole probably has more than one, and if it is on a network, it has friends in the same state. It is not rocket science, scan the computers browser cache, look at the installed programs, and the script decides if this computer is a cash cow or a mule to find more cash cows.
Ransomware
If the script has found some word documents with keywords of interest, Excel files with interesting names, no need to try and make use of what is in them. The script can now compress them with a password. Someone will need to pay a ransom, usually in bitcoin, for the password to be able to open your files again. Ignore the request and deal with the lost data, or pay the ransom. A third alternative, restore the data might be an option. Far to often the ransom is just paid.
The latest Ransomware attacks news
Unintended consequence
Ransomware hackers are really starting to enjoy the benefits of Cyber Insurance. In a lot of cases, it is less expensive to pay the ransom than to restore the data, and with cyber insurance policies willing to pay the ransom this exploit has become even more profitable. Some evidence is starting to suggest that hackers are starting to target Cyber Insured computers.
