A new form of ransomware called “RAA” is, unfortunately, making the rounds. It’s getting attention for its unusual design, which makes it a possible glimpse into the future of cybersecurity risks in the “Internet of Things.”
Why RAA Works
At first glance, RAA looks like a run-of-the-mill ransomware scam. It arrives in your inbox looking like an email attachment. When opened, it scans your computer for documents, spreadsheets and other business-related files. It locks what it finds with enterprise-grade encryption, and a note written in Russian appears on your desktop explaining how to transfer $250 to RAA’s developer in exchange for the “key” to unlock your files. That’s frustrating and costly, but, so far, typical of ransomware.
What makes RAA different is that it was written entirely in something called JavaScript, which is computer code normally meant to run inside the web, in browsers and web apps. That makes it an odd choice for a program designed to infect personal computers. But RAA unfortunately succeeds because in the interest of being tightly connected with the web, Windows computers allow JavaScript to run right on their PC.
The Internet of Things and the Future of Ransomware
Windows allows this by default, because having a device tightly integrated with the web is otherwise incredibly useful and powerful. Just look at your smartphone and all its features that rely on web connectivity. That same level of connectivity is coming to more devices every day. Our near future is about to be filled with cars, business electronics, home appliances, even clothing connected via the Web. IT experts call this the Internet of Things.
So take how RAA exploits our growing reliance on web-connected technology and look into that future. Ransomware could infect a retail business’s cash registers and lock them down until a criminal is paid. Malware designed to target commercial vehicles could shut down a whole web-connected shipping fleet. A criminal could threaten to take over connected factory equipment and ruin millions of dollars in materials.
This might all sound like science fiction, but every day, more and more commercial products ship ready to connect to the Web. It’s only a matter of time before criminals find a way to exploit all of them.
Protecting Your Business Against Ransomware
Many incidents of extortion go unreported, but earlier this year, the FBI published estimated statistics on the recent costs of ransomware to American businesses. In the first three months of 2016, criminals collected more than $206 million from ransomware scams, on pace to pass $1 billion by the end of the year. Ransomware is a lucrative criminal business, so it’s worth knowing how to protect your business.
Having reliable security software usually protects against known ransomware programs, but almost every new one relies on deceiving someone into running it. Train your staff to only open attachments or connect devices with trusted contacts. If someone sends you an attachment or tries to connect equipment out of the blue, it’s always worth confirming the request’s legitimacy first.
Always have a contingency plan in case you are infected. Have a reliable backup system in place for your business’s files and equipment configurations. If you can restore mission-critical documents or reset your equipment with a clean configuration, then the criminals have no leverage with which to extort your business, and you’re back up and running that much faster.
Keep Your Business Protected
Total Computing Solutions is the trusted choice for information on the latest IT trends. Contact us at (920) 569-2681 or send us an email at service@tcsdepere.com for more information on protecting your business against ransomware.
