EuroWire March 2017

Transatlantic cable

Also from Ransomware: How Consumers and Businesses Value Their Data: † USA government statistics indicate that ransomware attacks quadrupled in the USA in 2016, for an average of 4,000 attacks per day; † The Federal Bureau of Investigation (FBI) reported that more than $209 million in ransomware was paid in just the rst three months of 2016 – “a dramatic 771 per cent increase” over the $24 million reported for the whole of 2015; † The FBI estimated that ransomware was on pace to be a $1 billion source of income for cybercriminals in 2016. A worsening threat “As bad as ever,” TechRepublic deemed the ransomware issue, in mid-December. By the end of January another article on ransomware, in ZDNet , indicated that the threat is in fact intensifying, with cybersecurity researchers warning of new features and ingenious variants. (“Ransomware Is About to Get a Lot Worse, by Holding Your Operating System Hostage,” 31 st January) Rather than just encrypting key les, wrote ZDNet’s Danny Palmer, “ransomware could soon infect a computer to such an extent that the only two options available to the user would be to pay or to lose access to the entire system.” According to the Malwarebytes State of Malware Report 2017, cited by ZDNet, this new type of ransomware is designed to modify the infected computer’s master boot record, which controls the ability to boot into the operating system. With the use of malicious code, the system will then boot into a lock screen set up by the malware, demanding payment not only to decrypt les but also to restore access to the main operating system. The victim can do nothing with the system beyond viewing the ransomware note. A Santa Clara, California-based provider of disinfection and protection solutions, Malwarebytes bases its services largely on data collected from its own Windows and Android anti- malware apps. The company still sees malware getting into computers via email, much of it in Microsoft O ce attachments with embedded attack macros. † According to Malwarebytes, in January 2016 ransomware constituted 18 per cent of all malware delivered by email or through the exploitation of installed software. By November 2016 this had climbed to 66 per cent, which the company calls “an unprecedented domination of the threat landscape.” The USA is the top ransomware victim, while Russia is one of the least popular targets. Malwarebytes also took note of the rise in “botnet” software taking over computers – including Internet of Things (IoT) devices like connected security cameras – and employing them in distributed denial of service (DDoS) attacks. Here, however, the chief victim is not the USA. According to Malwarebytes, 61.2 per cent of all botnets are found in Asia, about 15 per cent in Europe. † In light of all this, a reminder from Adam Kujawa, the Malwarebytes director of malware intelligence, may seem a little tame. But it is worth passing on. If properly updated, he told Mr Palmer of ZDNet , much of today’s software can help protect itself. Dorothy Fabian – USA Editor

But, in a decision deemed controversial by the German newspaper Bild (via Charged EVs), and referenced by Green Car Reports , Johannes Remmel – the environment minister for the state of North Rhine-Westphalia – recently took delivery of a Tesla Model S for use as his o cial car. Mr Remmel, who wanted an electric car, explained his choice of the American-made Model S by saying that it alone had su cient range to allow him to travel easily around his state. The high purchase price of the car – a reported $115,000 – also drew adverse comment. According to Mr Edelstein, that price would indicate Mr Remmel purchased a higher-end model, as Tesla recently “tweaked” its German pricing to ensure that at least some versions of the Model S are available for under $64,000. (“Even Top German Minister for Environment Prefers Tesla,” 24 th January) Buyers of lower-priced electric cars can qualify for a $4,280 rebate under an incentives programme introduced by Germany last year. But the incentives do not apply to cars costing more than $64,000. As Mr Edelstein sees it, an increase in electric car sales is prompting some re-thinking about how to identify the best targets for incentive o ers. California now has income caps for its electric car incentives; instituted, wrote Mr Edelstein, in the hope that “more incentive money will be directed toward consumers for whom a purchase rebate could make or break their decision to buy an electric car.” Right now, he observed, Palo Alto-based Tesla is likely more a ected by the California income cap and German price cap than other automakers. But the established German luxury brands Audi, BMW, Mercedes-Benz and Porsche have all announced plans for high-end, long-range luxury electric cars over the next few years. Minister Remmel may not again be heard to claim that no domestic manufacturer o ers a car that meets his needs. † To date, wrote Mr Edelstein of Green Car Reports , no top USA government o cials are known to drive Teslas, “although the new president is said to have owned one in the past.” Ransomware is becoming an ever more lucrative avenue of attack for cybercriminals Late last year, Even Koblentz, who covers enterprise IT news for TechRepublic , reported on a security study from IBM which found that – while defensive measures are improving – the problem of ransomware malware is still very much with us. Ransomware is the term for remote computer hijacking in which les are encrypted by a malicious app until money, usually in Bitcoin, is paid for a decryption key. (“Progress in Ransomware Battle Remains Murky Despite Industry E orts,” 18 th December) “Seventy per cent of businesses that were hit by ransomware actually ended up paying,” wrote Limor Kessem, the security expert who authored the IBM white paper. According to Ms Kessem, the typical ransom paid by a USA business to recover access to nancial data is in the range of $10,000-$50,000. Cybersecurity

42

www.read-eurowire.com

March 2017