Ransomware attacks on computers are increasing, and they can have devastating consequences. Just look at the heart-breaking story of 17-year-old Joseph Edwards, an autistic college student who killed himself after being on the receiving end of a ransomware email falsely claiming he had accessed illegal websites.
These attacks can also have a considerable impact on businesses, with lost revenue, increased costs, and possible damage to reputation.
Cyber security experts, companies and solution providers have been working to combat the threats, but they are being delivered with increasing levels of sophistication.
A blog on MIT Technology Review, one of the oldest technology publications in the world and one that long pre-dates the internet, predicts that more and more scammers will utilize new and harder to stop techniques.
Increasing Sophistication
The article (titled “How the Next Generation of Botnets Will Exploit Anonymous Networks, and How to Beat Them“) explains how botnets have become increasingly sophisticated at using a technique called fluxing. This is where IP address in their hundreds or thousands are created, mapped and constantly changed. It also shows how they use the Tor network and other anonymous technologies, including Bitcoin.
But there is a new technique which is taking this up a level, and they are calling it “OnionBots”. The concept is simple – it works like peeling the layers of an onion. Each layer has an encrypted message which only contains the next destination for the bot. This makes it even harder to find the ransomware botnet’s command and control server.
In the article a solution is offered by researchers at the Northeastern University of Boston. This involves creating programs that attach to the OnionBot in order to remove it from the network. In effect it comes isolated so is essentially worthless.
But this is unlikely to be a completely guaranteed solution. More research, ideas and developments are required to take on the threat and prevent – or at least slow – more ransomware attacks from taking place.
So the cat and mouse game of combating ransomware botnets has a new metaphor – peeling an onion.