The threats posed to online business owners by various types of “wares” just never stop, do they? Ransomware has been around for a while, since about 2004, but some security companies are stating that the attacks are on the rise and becoming increasingly sophisticated.
Ransomware is a form of malware (cryptosystem, cryptovirus, cryptotrojan or cryptoworm) that encrypts data on a hard drive. A text file is usually left in folders containing encrypted files, demanding that a ransom be paid in exchange for instructions on how to decrypt the user’s files.
Ransomware originally used an RSA algorithm to create a 56-bit key; the latest ransomware threat, the virus Gpcode.ag, used a 660-bit key. It was originally estimated that breaking such a key could take at least 30 years on a 2.2 GHz computer. Kaspersky Labs reports that, thanks to a little luck, they were able to crack it within a day.
However, Kaspersky’s fear is that if a more refined algorithm were used, antivirus firms may *not* be able to decrypt it. A rather unsettling thought.
So, what to do? In the case of Gpcode.ag, the virus scans for nearly 200 file extensions and encrypts those files, so one form of protection would be to rename crucial files with lengthy, obscure file extensions.
A better protection is to back up your data regularly (like daily) onto removable media. The words of my first computer instructor continue to haunt me: “there are only 2 types of computer users, ones who have lost their data and ones who are about to” :).
Some usual virus precautions will help as well - an ounce of prevention vs. a pound of cure. The Gpcode.ag virus was initially distributed via a spam attachment. If the attachment was opened, a Trojan was installed, which then downloaded Gpcode from a web site.
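A detection check for the ransom note described earlier (a text file left in each folder that holds encrypted files), as an added example that is not from the original post or the Kaspersky report: it flags small text files with identical content that turn up in several directories. The function names, the `.txt` filter, the thresholds and the sample note are assumptions made for illustration.

```python
import hashlib
import os
from collections import defaultdict

def find_repeated_notes(root, min_dirs=3, max_size=64 * 1024, exts=(".txt",)):
    """Return {sha256: [paths]} for small text files whose identical
    content appears in at least `min_dirs` different directories."""
    seen = defaultdict(list)
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            if not name.lower().endswith(exts):
                continue
            path = os.path.join(dirpath, name)
            try:
                size = os.path.getsize(path)
                # Skip links, empty files (all hash alike) and large files.
                if os.path.islink(path) or size == 0 or size > max_size:
                    continue
                with open(path, "rb") as fh:
                    digest = hashlib.sha256(fh.read()).hexdigest()
            except OSError:
                continue  # unreadable file: skip rather than abort the scan
            seen[digest].append(path)
    hits = {}
    for digest, paths in seen.items():
        # Count distinct folders, not copies, so duplicates in one folder
        # do not trigger the heuristic.
        if len({os.path.dirname(p) for p in paths}) >= min_dirs:
            hits[digest] = sorted(paths)
    return hits

def build_sample_tree(root):
    """Constructed sample data: three folders, each holding the same note."""
    note = b"CONSTRUCTED SAMPLE: your files are encrypted, pay for the key.\n"
    for i, folder in enumerate(("docs", "photos", "work")):
        d = os.path.join(root, folder)
        os.makedirs(d, exist_ok=True)
        with open(os.path.join(d, "readme.txt"), "wb") as fh:
            fh.write(note)
        with open(os.path.join(d, "notes%d.txt" % i), "wb") as fh:
            fh.write(b"ordinary file %d\n" % i)

if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for digest, paths in find_repeated_notes(tmp).items():
            print(digest[:12], len(paths), "copies:", *paths, sep="\n  ")
```

A hit is only a prompt to look closer: licence files and templates are also copied into many folders, so review the flagged content before acting on it.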
Read more of the Kaspersky report on Ransomware