Criminal organisations behind ransomware attacks now have CUSTOMER SERVICE operations.
A study has found that the gangs, which demand a ransom for the return of files decrypted after a victim has opened a malicious attachment or link, are often willing to negotiate on price and extend deadlines for payment.
IT security firm F-Secure studied five active gangs and found that they were organised like legitimate commercial organisations.
They even boasted human resources and customer service departments.
“Websites that support several languages. Helpful FAQs. Convenient customer support forms so the victim can ask questions. And responsive customer service agents that quickly get back with replies,” stated the study.
“These are criminals who are making money off the backs of people and businesses they are hurting.
“But conversely, like any decent venture, they‘re also concerned about offering good customer service – including support channels and reliable decryption after payment.”
Two-thirds of large businesses in the UK have been targeted by cyber attacks in the past year, according to government research.
Software security specialists Kaspersky Lab reported a 17.7 per cent rise in ransomware attacks in the 12 months leading up to March 2016, a total of 2.32 million upon an estimated 58 per cent of corporate PCs worldwide.
The lucrative criminal model paradoxically depends upon reliability, as victims need to be confident that they will get their files back if they pay up.
“They’re disreputable, yet reputation is everything,” the study found.
“Without establishing a reputation for providing reliable decryption, their victims won’t trust them enough to pay them.”
All but one of the ransomware groups were willing to negotiate, resulting in an average 29 percent reduction in price, while all were willing to extend the deadline written into their malware code.
The easiest way to guard against a ransomware attack is to back up important files on a daily basis. For a business that could mean accounting documents, legal documents and client data.
Other tips include keeping software up-to-date and regular patch management; educating staff on the potential methods of attack and malicious file types; keeping all features of its security solution switched on at all times; and, above all, refusing to pay the ransom and reporting the attack to police.