Merely a few days prior to President Donald Trump’s inauguration, hackers compromised over 70 percent of storage devices that store data from feds CCTV cameras in Washington DO.C in a cyber attack.
It appears this was an attack of Ransomware, which has become the most widely used method for hackers to get money from victims without any effort.
Ransomware is a form of malware that hackers use to lock digital files, after which they demand payment in the form of Bitcoin in order to have the files unlocked.
At first, the attackers used to target computers and smartphones but today, the targets are usually Internet of Things, IOT devices.
123 out of the 187 network video recorders were infected with ransomware and each of these controls between 1 and 4 CCTVs installed in public places across Washington D.C. This caused the systems to be offline from 12th to 15th January 2017, not recording anything.
The officials in charge of the system responded by taking the systems offline and removing the malware before rebooting the system. They did not pay any ransoms however.
Although the systems were put back how they should be, it is not clear whether there was any valuable data lost.
The chief technology office for Washington sait investigations were underway to ascertain the source of the hacking and assured the public that the attack was only limited to CCTVs and did not extend to government networks.
Ransomware is used by hackers to squeeze money out of victims. It has been around for years, but it has recently picked up speed, becoming more sophisticated and frequent. A hotel in Austria was hit, resulting in hundreds of guests being locked outside until the hotel fulfilled the ransom demands.
There are two most widely ransomware: KillDisk data wiping and Popcorn Time. KillDisk encrypts files and and then the attackers ask for ransoms to get the data restored. Popcorn Time allows the victim to choose between paying or allowing the hack to infect two more people and have them pay the ransom.
The best way to avoid being a victim is to have preventive measures in place. The best preventive measure is to be cautious within organisations and always have backups in case anything happens.
It is also important to have the best possible antivirus installed and never to open attachments you do not know since that is how these attacks occur.
