Using Distributed Computing To Thwart Ransomware

I Don't Believe in Imaginary Property writes "The folks at Kaspersky labs are turning to distributed computing to factor the RSA key used by the GPcode virus to encrypt people's files and hold them for ransom. There are two 1024-bit RSA keys to break, which should require a network of about 15 million modern computers to spend a year per key factoring them. Unfortunately, there appear to be no vulnerabilities in the virus' use of RSA, unlike some previous cases. Perhaps more interestingly, there's some debate over whether people should bother cracking it. After all, what if they were trying to trick us into factoring the key for a root signing authority? Besides, there's a more direct method of breaking the encryption: track down the people who wrote the virus and force them to talk."

Seems rather futile..

[FluffyWithTeeth]

Surely all the have to do is start using a new key every so often, and the task becomes pointless?

Re:Seems rather futile..

[SQLGuru]

Surely all you have to do is make frequent back-ups of your critical data and the virus becomes pointless.

Hacker - You must pay me $100 or your files will be forever encrypted by my nigh-unbreakable RSA code.
User - Meh, I just wiped my system of your virus and restored my important files from back-up. Piss off.

Layne

Re:Seems rather futile..

[Silver+Sloth]

Good, sometimes there's only one way to learn about why we have backups. After all, they're just as much at risk from hard disk crashes.

I've got a better idea

[elrous0]

Encourage people to make backups of their data on disc, tape, or portable harddrives. I know that's a radical idea, but it just might be crazy enough to work.

Re:I've got a better idea

[cowscows]

So what you're saying is that anyone who lives in any fashion beyond subsistence farming is stupid?

Banking, religion, and politics all have their problems, no doubt. But they're all important and persistent factors in the progress that humanity has made. They've all been involved in bad things, but they've all be involved in lots of good things as well.

A human being is, on their own, capable of many things, both good and bad. Structures, systems, corporations, religions, corporations...they've all allowed us as a civilization to accomplish tasks that no one man could accomplish on his own. Some good and some bad, but all it does is amplify our abilities.

It is a good devlopment, Don't help them

[140Mandak262Jamuna]

We should not help people whose data is held at ransom. Finally they will see the folly in using cheapest software, in the cheapest platform with no regard for security. Companies will start taking insurance against data loss. And the insurance premium will be more for insecure closed proprietary crapware like Windows.

As long as security is valued at zero dollars when the IT bean counters are evaluating platforms and vendors crapware will proliferate.

Don't forget the corollary.

[khasim]

Don't forget the corollary.

Encourage the application writers to make their applications EASY TO BACKUP.

The problem I keep seeing is that TELLING someone to back up their data is easy to do. FINDING ALL of the data is just about impossible.

You'll never know if you got it all until AFTER a problem.

Or even ... how about just including a simple script that will look at how it's installed TODAY and back it up to a location chosen by the user? And then that script will generate a script to install that backup should you need it to. Along with license keys and decoding keys and unlocking keys, etc.

Data recovery

[KevMar]

So the encryption is sound, but did he just delete the old files after encrypting them or did he scrub the drive too.

Someone try to undelete the files with a disk recovery tool and see what you get. Just because the file is encrypted does not mean that the original was correctly destroyed.