RSA Encryption Inventors Lament Its Use for Ransomware
When the developers of the original RSA encryption algorithms built what has become the mainstream means of encrypting and decrypting data, it wasn't lost on them that some bad guys might find malicious uses for it as well. Two of its inventors yesterday said they were alarmed at the use of encryption for ransomware, which has become a pervasive way of gaining access to users' PCs and enterprise servers using increasingly sophisticated social engineering and phishing techniques.
"As a security threat, encrypting ransomware has flown beneath the radar of many IT departments. It emerged as a consumer problem and at smaller companies and agencies," said Paul Kocher, president and chief scientist at Cryptography Research, who once again moderated this year's Cryptography Panel at the RSA Conference in San Francisco. "Many IT admins, unfortunately, write off the potential for ransomware incidents as unavoidable end-user errors that merit a slap on the wrist, but can't be helped. But all evidence suggests the problem isn't going away."
Given that two of the panelists -- Adi Shamir, a professor at the Weizmann Institute in Israel, and MIT Professor Ronald Rivest -- invented many of what are now the RSA algorithms used in today's encryption methods, Kocher asked them for their perspective on the use of those algorithms for ransomware.
"As the inventor of one of the algorithms, I sort of feel like the mother whose son has been brainwashed and he's off to become a Jihadist in Syria somewhere," Rivest said. "I think that ransomware is one of those areas where our community failed in a particularly miserable way," Shamir added. "There are good security programs you can use in order to protect yourself from this ransomware."
Shamir said he fears the worst is yet to come as the Internet of Things enables homes and businesses to become more connected. "Think about your TV being ransomware'd stopping to work, with a big display that you have to pay in to get the TV service back," Shamir said. "I think it's a very serious problem. It's going to stay with us and we really have to think about new techniques to stop it."
Shamir also noted that because systems can be infected silently for weeks or months before a user is aware of it, backing up files also won't solve the problem. "Eventually your files on the backup are going to be the encrypted files," he said. "This is a huge issue of the correctness of backed up data, which is a major problem."
This month's Redmond magazine cover story looked at the continued impact of ransomware on consumers and enterprises alike. Panelist Ed Giorgio, a cryptographer and security expert, said the malicious use of encryption is just part of the problem. "Ransomware is not just about encrypting your data so you don't have access to it, in order to do ransomware you have to first penetrate somebody's computer, then you have some sort of an exploit," Giorgio said. "But as we all know, criminals are very innovative and once they penetrate your file, they will find other things in your computer they can blackmail you for. Even if we do solve the loss of data problem, ransomware will still be around."
Posted by Jeffrey Schwartz on 04/22/2015 at 12:16 PM