Why Ransomware Hackers Love Holidays

Ransomware takes time to disseminate throughout a network, and hackers have maximum control over most systems.

Just a week before the three-day Labour Day weekend, the FBI issued a warning urging citizens to take precautions against ransomware attacks. The warning cited incidents to show that some of the most successful cyberattacks occur during holidays.

Just take a look at the past few months: May saw two significant ransomware attacks over holidays, on Mother's Day and the Memorial Day weekend. The former, suspected to be associated with DarkSide, paralysed an infrastructure entity in the energy sector, leading to extortion and a week-long halt in operations. On the Friday heading into Memorial Day weekend, the Food and Agricultural Sector was hit and suffered a complete production shutdown.

Put simply, hackers seem to love holidays. A stretch of days when everyone is out with their families and offline? Victims probably won't even realise they have been hacked until a few days later. Hackers have been around for years, and holiday hacking isn't a new trend, but the FBI's warning marks it as a serious one.

According to the cyber-risk insurance company Coalition, an increasing number of attacks use Trickbot, a banking trojan that installs ransomware. As of July 2019, Trickbot is estimated to have harvested over 250 million IDs and passwords from users opening an attachment or clicking a link.

Ransomware – the Monster in your Closet

Trickbot first enters a company network when an employee opens an infected email attachment or clicks a malicious link from an unreliable source. It goes on to hijack the user's email account and send the same malicious documents and links to the user's entire contact list, spreading as fast as possible through email. Next, the malware secretly installs a program on the infected computers and connects them back to a "command and control" centre operated by the hackers, which gives them complete control over those computers. They can then use this access to install ransomware, read email, or steal the users' personal and banking information. Finally, when all the preparations have been completed, the hackers spring the trap and activate the ransomware.

Ransomware takes time to disseminate throughout a network, and hackers have maximum control over most systems. The holiday distraction means people won't notice the intrusion quickly, giving the culprits more time to do as much damage as they can. It also means the response will be slow, since it is harder to reach security staff than it would be on any working day.

How dangerous is it?

The July 2 ransomware attacks on US cybersecurity are attributed to the REvil gang, a major Russian-speaking ransomware syndicate. In fact, according to cybersecurity researchers, the targeting of Kaseya's customers could be one of the broadest ransomware attacks on record. The attack affected thousands of victims in at least 17 countries, with ransom demands between $45,000 and $5 million.

Unfortunately, many victims were busy celebrating the weekend by the poolside and did not even realise they had been hit until things reopened on July 5 or 6.

According to the FBI's Internet Crime Complaint Center (IC3), 2020 saw a record 791,790 complaints about internet crimes, with reported losses exceeding $4.1 billion. This is a 69 per cent rise from complaints in 2019. In fact, 2,474 of the IC3 reports concerned malware, a 20 per cent increase from 2019.

How to run from it

Preparing for potential malware attacks works like a vaccine. The point isn't to put defences in place one day before a holiday; chances are, the malware has already been installed on your computer, ready to strike during your Sunday brunch. Instead, you have to prepare your defences well before the ransomware hits.

In most cybersecurity circumstances, the FBI and CISA’s guidelines are the best practices:

  • Don’t click on suspicious links.
  • Make an offline backup of your data. 
  • Use strong passwords to secure your user accounts.
  • Make sure your software is up to date, and scan it for vulnerabilities.
  • Use two-factor authentication. 
  • If you use Remote Desktop Protocol or other well-known risky services, proceed with caution.

Lastly, don't forget to check up on your computer even during holidays. Remember, holidays, though preferred, aren't the only time for ransomware attacks. So make sure to keep your digital life as safe and protected as your personal life!
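One way to act on the holiday-timing point and the Remote Desktop item above is to review remote logons that land inside a holiday window. The sketch below is an added example, not part of the original article: the log format, the sample lines, the addresses and the 2021 holiday dates are constructed assumptions, and logon type 10 is the Windows RemoteInteractive (RDP) logon type.

```python
import csv
import io
from datetime import date, datetime

# Assumed 2021 long weekends, Friday through Monday (inclusive).
HOLIDAY_WINDOWS = [
    (date(2021, 5, 28), date(2021, 5, 31)),  # Memorial Day weekend
    (date(2021, 7, 2), date(2021, 7, 5)),    # Independence Day weekend
    (date(2021, 9, 3), date(2021, 9, 6)),    # Labor Day weekend
]
REMOTE_INTERACTIVE = "10"  # Windows logon type used for RDP sessions

# Constructed sample: timestamp,user,source_ip,logon_type
SAMPLE_LOG = """\
2021-08-30T09:12:00,alice,192.0.2.10,10
2021-08-31T10:03:00,bob,192.0.2.22,10
2021-09-03T17:45:00,alice,192.0.2.10,2
2021-09-04T23:58:00,alice,192.0.2.10,10
2021-09-05T03:14:00,bob,203.0.113.77,10
2021-09-05T03:20:00,bob,203.0.113.77,2
2021-09-07T09:01:00,bob,192.0.2.22,10
"""

def in_holiday_window(day):
    """True if the date falls inside any configured holiday window."""
    return any(start <= day <= end for start, end in HOLIDAY_WINDOWS)

def review_logons(log_text):
    """Return holiday-window RDP logons as (timestamp, user, source, severity).

    Sources seen for a user on ordinary days form that user's baseline.
    A holiday logon from a baseline source is 'review'; from a source
    never seen before for that user it is 'high'.
    """
    baseline = {}
    findings = []
    rows = sorted((r for r in csv.reader(io.StringIO(log_text)) if r),
                  key=lambda r: r[0])
    for ts, user, src, logon_type in rows:
        if logon_type != REMOTE_INTERACTIVE:
            continue  # only remote desktop sessions are of interest here
        known = baseline.setdefault(user, set())
        if in_holiday_window(datetime.fromisoformat(ts).date()):
            findings.append((ts, user, src, "review" if src in known else "high"))
        else:
            known.add(src)  # ordinary-day logon extends the baseline
    return findings

if __name__ == "__main__":
    for finding in review_logons(SAMPLE_LOG):
        print(*finding)
```
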

Avi Gopani
Avi Gopani is a technology journalist who seeks to analyse industry trends and developments from an interdisciplinary perspective at Analytics India Magazine. Her articles chronicle cultural, political and social stories that are curated with a focus on the evolving technologies of artificial intelligence and data analytics.
