Modern Tire Dealer

APR 2017

Magazine for the professional tire industry

Issue link:

Contents of this Issue


Page 25 of 77

MTD March 2017 A ll the tire dealer wanted to do was upgrade his point-of-sale soware. He chose an in-house server-based system, and made sure his employees received the proper training. Aer a "crazy busy" first few days, the training became second nature, some of the bugs worked themselves out, and the new system, he said, "normed down." Less than two weeks later, his system was hacked and held for ransom. He was asked to pay up or he would lose all his POS information. "It's nothing you want to re-live," said the dealer when contacted by Modern Tire Dealer. "It's nothing you want to explain. You think you're smart enough to run your business." e cost of ransomware to U.S. businesses is hard to quantify. In 2016, businesses paid out an estimated $1 billion, compared to $24 million the previous year, based on FBI data. However, those numbers only take into account known victims. Losses due to downtime also are not included. As of May 2016, the FBI estimated ransomware had cost U.S. small businesses more than $75 million in downtime alone in less than a year and a half. In its 2016 report, "Hackerpocalypse: A Cybercrime Revela - tion," cybersecurity company the Herjavec Group estimated the annual cost of global cybercrime will reach $6 trillion a year by 2021. Ransomware is expected to make up an increasingly larger percentage of that total over the next five years. What is ransomware? According to the FBI, ransomware "is a form of malware that targets your critical data and systems for the purpose of extortion." It is frequently delivered through "spearphishing" emails. "Aer the user has been locked out of the data or system, the cyber actor demands a ransom payment. Aer receiving payment, the cyber actor will purportedly provide an avenue to the victim to regain access to the system or data." Wayne Croswell, CEO and president of WECnology LLC, says ransomware aacks are typically carried out using a Trojan disguised as a legitimate file. "They enter a system or network through, for example, a downloaded file or a vulnerability in a network service. e program then runs a payload, which locks the system in some fashion, or claims to lock the system but does not (e.g., a scareware program). Payloads may display a fake warning purportedly by an entity such as a law enforcement agency, falsely claiming that the system has been used for illegal activities, and contains content such as pornography and 'pirated' media. "Payment is virtually always the goal," he says, "e victim is coerced into paying for the ransomware to be removed — which may or may not actually occur — either by supplying a program that can decrypt the files, or by sending an unlock code that undoes the payload's changes. Payment can be as lile as $10 or even $1,000, and many victims quickly pay it to get their system back. e aacker can infect thousands of systems and collect millions of dollars in ransom." When ransomware first hit the scene, computers predominately became infected with it when users opened email aachments that contained the malware, says Croswell. "But more recently, we're seeing an increasing number of feature From Russia without love Ransomware is a global phenomenon "While initially popular in Russia, the use of ransomware scams has grown internationally," says Wayne Croswell, CEO and president of WECnology LLC and a frequent contributor to Modern Tire Dealer. "In June 2013, security software vendor McAfee released data showing that it had collected over 250,000 unique samples of ransomware in the first quarter of 2013, more than double the number it had obtained in the first quarter of 2012. "Wide-ranging attacks involving encryption-based ran- somware began to increase through Trojans such as CryptoLocker, which had procured an estimated $3 million before it was taken down by authorities, and CryptoWall, which was estimated by the U.S. Federal Bureau of Inves- tigation to have accrued over $18 million by June 2015." Beware of ransomware One dealer shares his mistakes to help you fight a faceless cyber thief By Bob Ulrich 24

Articles in this issue

Links on this page

Archives of this issue

view archives of Modern Tire Dealer - APR 2017