SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Symantec: Ransomware on the rise
Tue, 27th Oct 2015
FYI, this story is more than a year old

Last week Pat Pilcher caught up with Mark Gorrie, the Australasian territory manager for Norton at Symantec, to pick his brains about all things cyber security related.

According to Gorrie, there's no shortage of security issues. Ransomeware on the rise, and the Internet of Things (IoT) is providing rich pickings for cyber crims.

PP: How bad is the cyber threat environment at the moment?

MG: If there is one thing that can be said about the threat landscape, and internet security as a whole, it is that the only constant is change.

Attackers are moving faster, being more creative and applying greater resources than ever before, making it even harder for people to defend themselves.

PP: Is there more at stake now than, say, a few years earlier?

MG: People are living more of their lives online, sharing information and using mobile devices to stay connected all the time.

What many people don't realise is that using their smartphones as the point of control for all of their connected devices - fitness trackers, thermostats, home security systems - provides a treasure trove for cybercriminals looking to steal their identity or access personal information.

According to Symantec research, one in four people admit to not knowing what they're giving access to when agreeing to the terms of an app.

Many people still use the same password for everything - from their Fitbit to their bank account. Attackers only need to hack one to access the others.

Symantec has continued to see attacks against Point of Sales systems, ATMs and home routers in 2014. It's no longer only our PCs at risk. The potential for cyberattacks against cars, street lights and medical equipment is no longer science fiction.

PP: What sort of threats are most prevalent?

MG: Ransomware is on the rise. Cybercriminals have perfected digital extortion and created a multi-million dollar enterprise by moving away from simply fooling victims - to threatening them.

Social engineering still gets results for cybercriminals. They're polluting social networks by tricking people into spreading scams to all their friends. When friends fool friends, cybercriminals simply sit back and watch the money roll in.

Symantec's Internet Security Threat Report reveals there was a record of 24 zero-day vulnerabilities discovered in 2014, leaving an open playing field for attackers to exploit known security gaps before they were patched.

Advanced attackers favoured these vulnerabilities to silently sneak onto victims' computers, as vendors took an average of 59 days to create and roll out patches - up from only four days in 2013.

PP: Looking at some of these threats what do complacent consumers stand to lose by doing nothing?

MG: Consumers that fall victim to ransomware threats stand to lose all their personal information and files - typically documents, photos, movies and music will all be lost in a ransomware threat.

The costs associated with retrieving this information can be quite expensive and in some instances those files can be lost forever.

PP: What changes has Symantec seen with how consumers are using tech that have implications on their digital security?

MG: Younger users (millennials/those under 35) are living more of their lives online - sharing all the details of their activities on social media. But many are not as vigilant about their security as older people. This puts them at risk of identity theft, ransomware, phishing and viruses.

PP: Has the digital environment become more complex?

MG: Attackers are exploiting vulnerabilities more rapidly and building more evasive malware that can infiltrate, hijack and infect a person's device. Cybercriminals today have the resources and skill to carry out their attack campaigns over a period of months - or even years - without the knowledge of the person being attacked.

While advanced targeted attacks may grab the headlines, non-targeted attacks still make up the majority of malware. In the last year, Symantec reported nearly one million new threats were released into the wild each day.

PP: Are there any cyber security issues that people need to be particularly aware of?

MG: Ransomware seems to be a real growth industry for cybercriminals at the moment.

According to the latest ISTR: ransomware attacks grew 113% in 2014 and continued to spread to devices beyond the PC - including mobile and network attached storage (NAS).

In fact, 45 times more people had their devices held hostage in 2014 than the previous year, as attackers began to favour more vicious crypto-ransomware style attacks.

Australia was the number one targeted country for ransomware attacks in Asia Pacific and Japan and 7th globally - 96,494 ransomware attacks in 2014. Australia also had 21% of crypto-ransomware of all ransomware infections.

New Zealand was the fourth most targeted country in Asia Pacific ad Japan, 27th globally - 14,833 ransomware attacks in 2014. New Zealand also had 15% of crypto-ransomware of all ransomware infections.

Victims are offered a key to decrypt their files, but only after paying a ransom that can range from $300-$500 - with no guarantee their files will be freed.

PP: Aside from the obvious (installing Norton), what other measures should consumers take to ensure they are reasonably safe from digital threats?

MG: Norton Top Tips to Stay Safe Online: 1. Keep your computer current with the latest patches and security updates 2. Choose strong passwords and keep them safe 3. Protect your computer with security software, such as Norton Security 4. Shield your personal information 5. Beware of scams - online offers that look too good to be true usually are 6. Turn off location settings on smartphones 7. Read privacy policies for applications 8. Be aware of your mobile security 9. Be careful what you share on social media - think twice about posting revealing photos 10.  Backup information regularly - documents, photos, passwords etc.

PP: What do you expect to see change-wise in tech and what are the implications of this on digital security?

MG: As consumers buy more smart watches, activity trackers, holographic headsets and whatever new wearable devices are dreamed up in Silicon Valley and Shenzhen, the need for improved security on these devices will be become more pressing.

It's a fast-moving environment where innovation trumps privacy. Short of government regulation, a media-friendly scare story or greater consumer awareness of the dangers, it is unlikely that security and privacy will get the attention it deserves.

The market for IOT devices is growing, but is still very fragmented with a rich diversity in low-cost hardware platforms and operating systems.

As market leaders emerge and certain ecosystems grow, the attacks against these devices will undoubtedly escalate, as has already happened with attacks against the Android platform in the mobile arena in recent years.