Are you scared of ransomware? Ransomware is software (malware in fact) which infects your IT systems and encrypts your software and data, effectively shutting down your IT systems. Then the criminal behind it offers to decrypt your files if you pay a large amount of money to them, usually in a cryptocurrency. So, are you scared? Well you should be. It may surprise you to learn though that ransomware has actually been around for over 30 years, although it is today a fairly mainstream threat in society and the IT world, with many organisations having been held to ransom. Do a Google search and you can check it out for yourself. Unfortunately, you will also see that even those who pay the extortionists often are further betrayed and the criminal trashes the data anyway or refuses to decrypt. So it is important to be aware and take steps to prevent it.
But believe it or not this is not an article about ransomware which is, to a certain extent 'old' news. It’s true that for the last several years, ransomware attacks have been a scammer’s/hacker's favourite mechanism to milk cash from their poor unfortunate victims. However, Microsoft’s security blog recently reported that ransomware has now fallen out of favour compared to another way of criminals are making money from organisations’ IT systems: cryptojacking.
Criminals love both ransomware and cryptojacking because these hustles make money for them – lots of it.
Ransomware, the previous king of malware, achieved this by locking down the victim's computer and refusing to unlock anything until they paid up. This was extremely effective - but also highly noticeable because the criminal had to deliver the ransom message with demands and an explanation of how to pay, together with the threat of what would happen if payment was not received. For responsible businesses, this led to changes in behaviour; they bought and installed anti-ransomware protection, they bought insurance, they beefed up their legal contracts with IT and other suppliers (inserting stronger indemnity and warranty clauses, increased reverse limits of liability etc.) who may have access to their systems.
Cryptojacking, the pretender to the crown, is when a criminal sneaks a program into an organisation’s IT systems and uses its resources in the background to mine cryptocurrency (essentially carrying out billions of mathematical calculations to 'earn' Bitcoin and the like). This may not sound so bad but it steals processing power, slows down IT systems and steals electricity. Cryptojacking is a lot less noticeable than ransomware because, unlike ransomware which shuts down computers and demands money, cryptojacking simply drains resources from IT system without directly revealing its presence. Most of us are used to computers slowing down occasionally – although cryptojacking can rather more permanent. Which of us can prove what causes our IT systems to 'slow down'?
To guard against a threat you are not even sure is there means being aware of the threat in the first place (well done for reading this article!) and then taking enhanced steps to protect against it. This does mean installing cryptojacking monitors, undertaking more monitoring and analysis of system resources, buying insurance which covers this new threat or checking existing insurance covers it, beefing up legal contracts with IT and other suppliers specifically to allocate expressly these new risks and responsibilities to those suppliers (including again by inserting stronger indemnity and warranty clauses, increased reverse limits of liability, increased obligations and the like etc.).
Doing all this and seeking advice on it leads to yet another drain on finances: consulting your local friendly technology lawyer. Rather like spending on an insurance policy, it’s often perceived as a necessary evil but you will sleep better at night. And so, we remain ready to help.