CYBER & INFOSEC

What Is Leakware?

Ransomware — a kind of malware attack that encrypts a computer’s files, leaving PC owners scrambling to pay the ransom to gain the decryption key — has been hitting the news more often in the past few years. Everyone, from the UK’s National Health Service (NHS) to the Colonial Pipeline, has found themselves under attack. As we move through 2021, a new type of ransomware is beginning to emerge, creating an even more dangerous threat. What is leakware and how is it impacting internet users and businesses around the world?


From Ransomware to Doxware to Leakware


This trend of malware-based data theft started with ransomware. Downloading an infected file or program would leave your computer locked and your files encrypted unless you paid the ransom, usually in Bitcoin or some other untraceable format. In return, the hackers would, in theory, provide you with the decryption key so you could get your files back. This hit the mainstream news during the WannaCry attack in 2017, when ransomware programs took down the NHS for multiple days. Hackers were able to make their way into the NHS’s system because of outdated operating systems.


Over time, this evolved into doxware. Hackers would contact users claiming to have embarrassing or incriminating information and images. If they weren’t paid, the hackers threatened to release that information to the victim’s friends and family. This particular type of attack didn’t work as well as ransomware strikes, primarily because much of the time, the information they claimed to have didn’t actually exist. They were relying on the user's fear to get what they wanted. It was also nearly impossible to tell which types of information a user would pay to suppress, so it didn’t offer the kind of returns that these hackers were looking for.


Now, this type of attack has evolved yet again. Leakware programs slip into systems largely unnoticed and collect privileged information such as user data, phone numbers, social security numbers, and other personal data that is supposed to be protected. As long as the programs remain undetected, they can continue to collect information, choosing to hide their presence until they’ve collected enough data to be a threat. Then they can demand a payment — again, usually in bitcoin — as an incentive to keep them from releasing the data.


The Growing Threat of Data Leaks


By the third quarter of 2020, the United States saw a 139% increase in ransomware attacks from the year before. The year even saw its first ransomware-related murder investigation, after a woman in Germany died when she had to be rerouted to another hospital because the first one her ambulance arrived at was struggling with a ransomware attack.

Leakware is becoming increasingly dangerous, because it is primarily targeting industries rich in protected data — healthcare, finance and law, just to name a few. These industries are filled with all sorts of private and personal information that individuals and businesses alike don’t want leaked to the public. Without security automation in place, the average data breach costs companies around $6.71 million — and that’s without taking into account the sort of fines that a medical practice would face for HIPAA violations or that individual companies might face if those affected by the breach bring a class action lawsuit against them.


Preventing Leakware from Impacting You


How can companies and individuals prevent leakware from impacting them or putting their hard-earned data at risk?


Email phishing attacks are the most popular way to infect a network with a leakware virus. Strong phishing protocols, email filtering and other similar tools can prevent an infected message from ever making its way into your inbox. Antivirus detection systems are also an essential tool, since most of these leakware programs only have the most basic countermeasures against any sort of removal program.


Vigilance and prevention are the best tools for preventing leakware or other malware-based attacks from impacting you, your business, or any information trusted to you that you’re meant to protect.


Protect Yourself Moving Forward


The more secure we make our systems, the savvier hackers will need to become to find their way in. There is no foolproof way to protect any networked system from hackers, but there are plenty of ways to reduce the likelihood of an attack. Stay on top of your system’s cybersecurity requirements. Don’t click any suspicious links, and run a virus and malware scan regularly to ensure that there aren’t any malignant programs hiding in the deepest and darkest corners of your netw