Reach for your Wallet!

 

What about Ransomware?

Incidents of computer system hacking and ransomware attacks are chronicled almost every day. Hollywood Presbyterian Medical Center last year, the Erie County Medical Center and many others have been victimized by ransomware attacks. Our own Fairview Hospital was recently targeted by hackers who managed, at the very least, to scramble some of the information stored in their system. All Berkshire Health Systems' computers may have been targeted, but I cannot find any mention of the incident in The Berkshire Eagle or other news sources. More on that as I learn more.

In the Hollywood Medical Center incident, the criminals encrypted the hospital's complete file system, informing the hospital that they would "sell" the decryption keys to the hospital for a fee. The Medical Center eventually paid $17 million in Bitcoin for the keys. Presumably they got access to their patient data.

What is Ransomware? 

The Hollywood Medical Center incident above is a perfect example: a non-authorized person (the Bandit) gets access to your computer and runs an app (we used to call these programs) that encrypts or "locks" most or all files on the system so that they are inaccessible without the "unlock keys." An unlock key is a very long string of characters (see example below) that supposedly makes your data available to you. The Bandit then offers to sell the keys needed to unscramble the data.

Example Encryption Key
-----BEGIN RSA PRIVATE KEY-----
[key contents omitted]
-----END RSA PRIVATE KEY-----



How does a Bandit Run A Ransomware app on Your Computer?

Usually the Bandit does not run the app on your computer, YOU DO. The Bandit sends an e-mail, for example, that is set up to look like it is from a legitimate sender. In the incident above, it could have been from "Medical Records" or "Patient Relations" or any one of numerous possibilities. The e-mail has a document or photo or other file attached and the recipient is instructed to download it. That's when the fun begins.

Sometimes a pop-up or link on a web page will do the same thing. I have seen pop-ups that look very similar to legitimate alerts coming from Windows saying things like "Important: Dangerous virus found on your computer, Click here to remove". When the user clicks on the link, bad stuff happens. Bandits send these e-mails out by the thousands, hoping to find just one person who will bite. That's all they need. That's why it's called "phishing."
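The warning signs in such an e-mail can be checked mechanically. The following Python example is added here and is not part of the original post; it flags a message whose sender name sounds internal but whose address is not, and an attachment whose file type can run code. The domain hospital.example, the department names and the list of risky file types are assumptions chosen for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumed values for illustration: the organisation's real mail domain, the
# department names a sender might impersonate, and file types that run code.
TRUSTED_DOMAIN = "hospital.example"
INTERNAL_NAMES = {"medical records", "patient relations"}
RISKY_EXTENSIONS = {".exe", ".scr", ".js", ".vbs", ".lnk", ".iso", ".docm", ".xlsm"}

# Constructed sample message (not a real e-mail).
SAMPLE = """\
From: "Medical Records" <records@hospita1-mail.example>
To: nurse@hospital.example
Subject: Updated patient chart
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="XX"

--XX
Content-Type: text/plain

Please download the attached chart.
--XX
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="chart.pdf.exe"

placeholder
--XX--
"""

def phishing_flags(raw):
    """Return a list of reasons the message deserves a second look."""
    msg = message_from_string(raw)
    flags = []
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    # An internal-sounding display name on an outside address is the disguise.
    if name.strip().lower() in INTERNAL_NAMES and domain != TRUSTED_DOMAIN:
        flags.append(f"display name '{name}' but sender domain is {domain}")
    for part in msg.walk():
        filename = (part.get_filename() or "").lower()
        stem, dot, ext = filename.rpartition(".")
        if dot and "." + ext in RISKY_EXTENSIONS:
            flags.append(f"attachment '{filename}' has risky type .{ext}")
            if "." in stem:  # chart.pdf.exe hides the real type behind ".pdf"
                flags.append(f"attachment '{filename}' uses a double extension")
    return flags

if __name__ == "__main__":
    for reason in phishing_flags(SAMPLE):
        print("WARNING:", reason)
```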

Although I have not encountered a client whose data was scrambled, I have encountered a few whose computers were infected with a virus that kept asking for money to buy a program to remove virus infections, including itself.  These were exceedingly difficult to remove as the virus consisted of multiple programs that each checked for the existence of the other, and re-installed any that were found missing.

The encryption may not happen immediately. The app could be installing software that allows the Bandit access to your computer without your knowledge. This is precisely what happened to John Podesta, and the Democratic National Committee. It very well may have happened to the Republican National Committee as well. The Bandit needs only to infect the computer of one person who has access to the other systems and the gate is thrown wide open. The Bandit has scaled the wall and is now inside the compound.

(Next post: Prudence pays off - How to protect your files)

