Locky Ransomware Versus Ryan Lochte: Which Is Worse?

Aug 22, 2016

BY Katie Thornton

This week, US Olympic swimmer Ryan Lochte and a leading ransomware variant known as Locky have been all over international news. In an effort to clear up any confusion between the two, let’s compare and contrast the popular “locks.”

The Human Fish vs. The Phishing Malware

The Basics:

  • Ryan Lochte: Ryan Steven Lochte, born in August 1984, is an American competitive swimmer specializing in the backstroke and individual medley. The 12-time Olympic medalist ranks second in swimming behind Michael Phelps.
  • Locky Ransomware: Locky, born in February 2016, is a ransomware variant typically spread via phishing emails. The malicious attachment is a Microsoft Office document containing macros, or a JavaScript file, which downloads the malicious files. The malware is used by hackers to hold corporate and personal data hostage in exchange for a ransom.

Also Known As:

  • Ryan Lochte: “Reezy” or “The Lochtenator”
  • Locky Ransomware: “Reezy” or “The Lochtenator”

Evolution:

  • Ryan Lochte: The swimmer recently debuted a new ’do of silver-green locks that he deemed “light blue.”
  • Locky Ransomware: Locky is one of the more actively updated strains of ransomware, with tools and techniques growing more sophisticated each month, allowing it to continuously evade detection.

Rise to Fame:

  • Ryan Lochte: Lochte holds world records in the 4×200-meter freestyle relay, the 200-meter individual medley and the 400-meter individual medley. He’s also earned a few Olympic medals: 6 gold, 3 silver, 3 bronze.
  • Locky Ransomware: In Q2 2016, Locky claimed the top spot for email-based malware, as 69% of email attacks leveraging malicious attachments featured the ransomware (up from 24% in Q1 2016).

The Main Targets:

  • Ryan Lochte: The swimmer hopes to one day take out Michael Phelps. So far, no good.
  • Locky Ransomware: A Locky hacker’s bread-and-butter is taking control of systems and data of businesses of all shapes and sizes, but recently the Healthcare industry seems to be a major focus, accounting for 75% of total detections. Geography-wise, the United States is the most targeted country, followed by Japan and South Korea.

Recent Bad Behavior:

  • Ryan Lochte: Earlier this week, the Olympic gold medalist claimed to the US Media that he had been mugged at gunpoint in a late-night robbery ending with a pistol pressed against his head. The real story? Allegedly, Lochte and fellow athletes damaged a gas station bathroom and were involved in a confrontation with armed security before paying about $50 to resolve the matter.
  • Locky Ransomware: This month, Locky incidents have increased dramatically following massive email campaigns distributing the ransomware.

The Attack Flow:

  • Ryan Lochte: Lochte competes in the Rio Olympics, celebrates, gets drunk, vandalizes a gas station bathroom, pees in public, lies to the US Media, flees the country and goes radio silent. So overall, highly unpredictable behavior.
  • Locky Ransomware: Locky leverages social engineering tactics, tricking a user into opening an email attachment disguised as an invoice. When opened, said invoice is scrambled, and the victim is instructed to enable macros to read the document. Once this happens, the ransomware is executed, the data is encrypted and a ransom is demanded, usually in the form of bitcoins.

Who Should Fear Them:

  • Ryan Lochte: Michael Phelps continues to sleep well at night (what competition?). The biggest threat posed by Ryan Lochte is the damaged reputation of the US Olympic Team, which was forced to publicly apologize for the athlete’s behavior. Talk about being in the deep end….
  • Locky Ransomware: For businesses, a Locky attack can be catastrophic. A successful Locky attack often leads to corporate data loss and, even worse, operational downtime. The malware is known for deleting shadow copies of files to make local backups useless. Lastly, there is no way to decrypt Locky-encrypted files without a key.

Most Successful When:

  • Ryan Lochte: Michael Phelps calls in sick.
  • Locky Ransomware: A single, unaware employee opens the attachment in a phishing email and clicks “Enable Content”. That’s all it takes.

Achilles Heel

  • Ryan Lochte: Not once but twice has Lochte injured himself while wrecking scooters; once in the run-up to the 2007 World Championships, and again four years later before the 2011 FINA Worlds in Shanghai.
  • Locky Ransomware: Leveraging network firewalls, email security and web filtering can help prevent spam from getting through to the users and prevent downloads of compromised attachments. Additionally, businesses should create a “human firewall” through mandatory, regular cybersecurity training amongst all employees. Every single employee should be aware of these common social engineering tactics so they can avoid them.
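
As an illustration of the email-security filtering mentioned above, here is an added example (not from the original post or any vendor product) of a gateway-style check that flags the attachment types described in the attack flow: Office documents carrying macros and script files, including ones tucked inside a ZIP. The extension list, size limit, and sample message are assumptions constructed for the example.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed policy values for illustration; tune them for your own mail gateway.
SCRIPT_EXTS = (".js", ".jse", ".wsf", ".vbs")
OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .doc/.xls container
MAX_MEMBER = 5_000_000  # skip oversized archive members (zip-bomb guard)

def classify(name, data, depth=0):
    """Return (name, reason) findings for one attachment, judged by content."""
    if name.lower().endswith(SCRIPT_EXTS):
        return [(name, "script file")]
    if data.startswith(OLE_MAGIC):
        return [(name, "legacy Office file, may carry macros")]
    if not data.startswith(b"PK"):
        return []
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return [(name, "unreadable archive")]
    infos = zf.infolist()
    # Macro-enabled OOXML files store VBA in vbaProject.bin, whatever the extension.
    if any(i.filename.lower().endswith("vbaproject.bin") for i in infos):
        return [(name, "Office document with VBA macros")]
    findings = []
    for i in infos:  # plain ZIP: inspect members, skipping encrypted or huge ones
        if depth < 2 and i.file_size <= MAX_MEMBER and not i.flag_bits & 0x1:
            findings += classify(i.filename, zf.read(i), depth + 1)
    return findings

def scan_email(raw):
    msg = message_from_bytes(raw, policy=policy.default)
    return [f for part in msg.iter_attachments() for f in
            classify(part.get_filename() or "unnamed", part.get_payload(decode=True) or b"")]

def build_sample():
    # Constructed, harmless test message: placeholder bytes only.
    def zipped(member):
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as zf:
            zf.writestr(member, b"placeholder")
        return buf.getvalue()
    msg = EmailMessage()
    msg.set_content("Please see the attached invoice.")
    for fname, member in (("invoice.zip", "invoice_scan.js"), ("invoice.docx", "word/vbaProject.bin")):
        msg.add_attachment(zipped(member), maintype="application", subtype="octet-stream", filename=fname)
    msg.add_attachment(b"plain notes", maintype="application", subtype="octet-stream", filename="notes.txt")
    return msg.as_bytes()
```

Because the check looks for `vbaProject.bin` inside the file rather than trusting the extension, a macro-enabled document renamed to `.docx` is still flagged.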

Kryptonite

So there you have it. Everything that separates Ryan Lochte and Ransomware Locky. Both fairly famous, both terribly arrogant, and both liars. In the end, if faced with the choice of encountering the phishing malware or the human fish, which would you choose?
