Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

With ransomware on the rise, cryptographers take it personally

Lucian Constantin | April 27, 2015
Some of the world's leading cryptographers are concerned about the increasing number of malicious programs that hold computers and mobile phones to ransom, in many cases by abusing the encryption algorithms they designed.

MIT professor Ron Rivest, co-inventor of RSA with Shamir and Leonard Adleman, noted that while cryptography is used mostly for good, as most technologies, it can also be used for bad.

Despite knowing this, the abuse of the RSA algorithm by many ransomware programs, makes him feel "sort of like a mother whose son was brainwashed and left to become a jihadist in Syria," he said.

The ransomware problem is not restricted to attackers encrypting other people's data, said Whitfield Diffie, one of the pioneers of public-key cryptography. In order to do pull off a ransomware attack, criminals need to first penetrate someone's computer and use some sort of exploit, he said.

Once an attacker has that level of access on a system, even if the potential data loss problem is solved, they will find something else to blackmail the user with, he said.

Another thing to point out is that the ability of ransomware creators to extort money from users depends in part on anonymous payments, Rivest said. Anonymous communications between people is essential for democracy, but the value of anonymous payments is debatable, he said.

Most file-encrypting ransomware programs require payments to be made in Bitcoin.

The abuse of encryption algorithms is certainly not going to stop cryptographic research and advances. However, it will be interesting to see if the ransomware problem will make its way into the rhetoric of government officials, who are increasingly pushing for ways to bypass encryption so that police and intelligence agencies can perform lawful intercepts.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.