At a glance.
- Criminal competition: Maze, Sodinokibi, Conti, and Netwalker are up; Doppelpaymer is down.
- Law enforcement access to smartphones.
- Bad user habits and the value of passwords.
Ransomware families at the top of their game.
In an ever-evolving ransomware market, developers must be innovative in order to remain competitive. Over the past three months, Maze, Sodinokibi, Conti, and Netwalker have become the leading ransomware families, pushing Doppelpaymer from the top of the list, ZDNet reports. Maze gained a following by being the first ransomware to not just encrypt and hold the compromised data hostage, but also threaten to leak the data if the ransom was not paid, now a growing trend. Netwalker’s evolution from using a ransomware-as-a-service model to a more refined approach targeting large, lucrative companies demonstrates how successful ransomware must constantly expand to earn a larger share of the market.
The police can and will break into your smartphone, apparently.
Smartphone companies like Apple and Google pride themselves on their ability to protect customers’ data, but law enforcement agencies would argue they do this a little too well. The police have long protested that phone encryption prevents them from accessing data that could assist them in criminal investigations. However, the New York Times reports, the police are accessing data on encrypted smartphones more often than once thought. A report from technology research nonprofit Upturn reveals that more than two thousand US law enforcement agencies, including forty-nine of the country’s fifty largest police departments, have acquired tools for breaking into phones. In the event a department doesn't have these tools, it can turn to a government crime lab for assistance. In the past five years, police have extracted the data of hundreds of thousands of smartphones. That said, the process of hacking into a phone is an arduous one, which, depending on the length of the password, could take anywhere from several hours to over a decade, and might not ever be successful at all. Tech companies like Cellebrite and Grayshift sell tools to make this easier, but they cost up to $18,000 to secure. Legislation currently being considered by Congress could force smartphone companies to give law enforcement a shortcut to override encryption.
Paul Bischoff, researcher and privacy advocate with Comparitech, emailed us comments on the study:
“Upturn's findings on police searches of mobile phones reveal that almost half of police phone searches occur without a warrant, relying instead on consent searches. But even if police weren't allowed to perform consent searches and were forced to obtain warrants, as Upturn recommends, I'm skeptical as to whether it would make much of a difference in the end. Interception orders, or wiretaps, are an example of how lenient judges are when it comes to granting such requests from police. Although wiretaps require a court order, judges grant 99 percent of interception requests from law enforcement, according to our research. A small fraction of wiretaps result in incriminating evidence or arrests, and many are even granted extensions. I think requiring warrants for phone searches is a step in the right direction, but it won't eliminate police overreach.”
Bad user habits make passwords even more valuable to attackers.
After analyzing the data of over ten thousand users, cybersecurity firm Balbix’s State of the Password Union report shows that 99% of users are guilty of reusing passwords for multiple sites, and that on average, people reuse the same password for 2.7 accounts. Attackers capitalize on this fact by using an approach called “password replay”: testing stolen login credentials on other sites for matches. The value of any one password increases exponentially as it is reused, meaning if 174 million passwords are stolen, they could potentially be used to access 470 million accounts. The relative cost of one set of login credentials is negligible when compared to its actual worth.