Monthly Archives: July 2016

New Software Fights Ransomware

Ransomware, a harmful new type of malware that encrypts computer files and only releases digital information back to its rightful owners for a fee, may finally have met its match.

Much to the dismay of the increasing number of victims of cyber crime, ransomware is extremely well-suited to the current digital landscape. Hackers are paid using cryptocurrencies like bitcoin, making all illegal transactions virtually untraceable. The files that they take hostage tend to be of great value and the fees that they demand tend to be just under what it would take to pay to have the files recovered, so more often than not, desperate victims are willing to pay the ransom. Because of these advantageous circumstances, the instances of ransomware-related cybercrime have more than quadrupled over the past year, making it one of the most prevalent threats of the digital world.

cryptodrop2Luckily, scientists at the  University of Florida recently announced their development of a software that can stop ransomware in its tracks. According to the researchers, their CryptoDrop software can detect malware and stop it after has encrypted just a few files.

“Our system is more of an early-warning system,” explained Nolan Scaife, who worked with Patrick Traynor, an associate professor in UF’s department of computer and information science, to co-create the software along Henry Carter.

“It doesn’t prevent the ransomware from starting… it prevents the ransomware from completing its task… so you lose only a couple of pictures or a couple of documents rather than everything that’s on your hard drive, and it relieves you of the burden of having to pay the ransom.”

CryptoDrop has proven extremely effective in testing, during which it has flagged 100% of the malware samples and stopped it after an average of 10 files had suffered encryption.

This miracle solution couldn’t come at a more pressing time. According to the United States’ Federal Bureau of Investigation, the number of ransomware attacks has more than doubled in the past year and is expected to keep growing. The FBI further stated that it has received over 2,400 complains in 2015 and that the estimated losses from these attacks clocked in at around $24 million.

Everyone from governments to large corporations, banks, hospitals, and educational institutions have fallen victim to the attacks.

Expert at security firm Alert Logic Richard Cassidy had this to say about the recent development of CryptoDrop:

“Whilst the step taken by researchers at the University of Florida are indeed a novel way in which to detect and contain ransomware, it doesn’t serve as the ‘silver bullet’ for ransomware as a whole.”

crypt“There are new variants being written all the time,” Cassidy continued,” and ransomware writers will indeed take the time to dissect and understand how this new technology operates, creating versions that will attempt to either bypass detection, or at the very least search more effectively for likely sensitive files, before encrypting them, with the hope of having the biggest impact of securing a ransom payment.”

The UF team has a working prototype for Windows-based systems and is seeking a commercial partner for its new software.