How to Combat Malware
YOU’LL NEED THIS
A PC RUNNING WINDOWS OR LINUX
Internet connection.
THESE DAYS, IT SEEMS we’re never far from cybercrime headlines. In the last few years, we’ve seen large-scale attacks against Ukraine’s power grid, Sony Pictures, the Colonial Pipeline, JBS SA (the world’s largest meat supplier), and South African shipping firm Transnet. Such attacks often aim to cause damage and disruption, though the motive is sometimes political. The Sony Pictures hack is widely believed to have originated from North Korea, with hackers demanding that the Kim Jong Un-themed comedy The Interview be withdrawn.
Latterly, though, hackers are financially motivated—they want their targets to pay a ransom (usually in cryptocurrency), either to restore access to their systems or to avoid sensitive information being publicized. These are known as ransomware attacks. Ransom demands can be high too, with the Colonial Pipeline hackers, DarkSide, receiving $10 million (most of which was later recovered). Thanks to the ease with which fiat currency could be exchanged for Bitcoin, ransomware attacks launched against home users have proven profitable too.
Internet-facing Windows and Linux servers have long been a target for all kinds of mischief, and with so many Internet of Things devices joining the party, such intrusions are only going to increase. Directed attacks against home users are waning, primarily because there are much more lucrative targets out there, but that’s no excuse for complacency. So, over the next few pages, we’ll show you the modern threats, refresh some best practices and hopefully get your 2022 off to the safest start possible. Let’s get to it!
–JONNI BIDWELL
1 THE EVOLUTION OF RANSOMWARE
A few years ago, ‘guilt-ware’ attacks were common. Here, unsuspecting users would log into their machines and be greeted with a banner stating they were under investigation for nebulous crimes—anything from piracy to pornography or promulgation of terror materials. But don’t worry, says the warning, all of this will go away if you wire some cryptocoins to this address. The message explains how to acquire said coins and warns that if you do not pay, you will be arrested.
>> That these kinds of attacks were ever successful (and sometimes still are) speaks volumes about people’s gullibility. It also shows that some people have quite strange ideas about how justice works. Yet we should not be so dismissive, as there’s some psychology behind this. There is a widely held theory that everyone has some latent guilt about something they have done in the past and not ‘fessed up to, and tapping into this with an abrupt and scary message can make the subject feel rumbled. Detectives take advantage of this (and all kinds of other techniques) when questioning suspects.
>> Still, it’s the kind of message that lots of people (especially anyone used to browsing the internet without a pop-up blocker) will just close and ignore. Later evolutions of this attack went a stage further, either locking the victim out of the machine entirely (forcing the user to choose between a complete reinstall or a quick ransom payment) or encrypting any user documents it finds. This is what ransomware typically refers to today. Thanks to networking (and a rich underground scene in the trade of network exploits), damage may quickly spread to other machines too and, before you know it, a stray click on a single machine might bring about a network-wide incident.