Understanding Ransomware and its Use of Cryptography

The concept of ransomware has gained significant attention in recent years due to its devastating effects on individuals, businesses, and organizations worldwide. One aspect that is often overlooked is the role of cryptography in ransomware attacks. In this article, we will delve into the world of cryptography and explore how it is used in ransomware, focusing on the WannaCryptor variant.

The Basics of Ransomware

Ransomware is a type of malware that encrypts a victim's files or entire system and demands payment in exchange for the decryption key. While the assumption that all ransomware works in the same way may be true, it does not capture the full complexity of these attacks. To understand how WannaCryptor works, we need to look beyond its simple encryption mechanism.

Cryptography 101

Cryptography is the practice and study of techniques for secure communication over public channels. There are two primary types of cryptography: symmetric encryption and asymmetric (public key) cryptography. Symmetric encryption uses a single key for both encryption and decryption, while asymmetric encryption employs a pair of keys: one for encryption and another for decryption.

Symmetric encryption is widely used due to its efficiency and speed. AES (Advanced Encryption Standard) is a popular example of an asymmetric block cipher that is often employed in cryptographic applications. On the other hand, asymmetric encryption offers several benefits, including secure communication over public channels and the ability to create complex digital signatures. However, it also has drawbacks, such as slower speeds and increased computational requirements.

WannaCryptor's Approach

So, what does WannaCryptor do differently from other ransomware variants? The answer lies in its unique approach that combines both symmetric and asymmetric cryptography. This allows the malware to operate effectively offline, even without an internet connection, which is a significant advantage for attackers.

Imagine we are writing our own piece of ransomware. We need to choose an encryption algorithm, like AES. To do this, we require a symmetric key, denoted as Ks. The difficulty here is that we need access to the data we want to encrypt. Either we send the key over the network, which compromises the security of the attack, or we bury it inside the code, making it vulnerable to disassembly and analysis by researchers.

The latter approach is often employed by ransomware authors, but it's not the most secure method. As soon as someone disassembles the code, they can easily find the string containing the symmetric key and reveal it to others, effectively defeating the attack. This naive approach highlights the importance of using more sophisticated methods to keep the decryption key hidden.

Burying the Key: A Naive Approach

One common technique used by ransomware authors is to hide the symmetric key within the code itself. They might use a string, like Ks, and place it somewhere in the malware's code. The idea is that when the ransomware wants to encrypt or decrypt files, it can access this key without needing to send it over the network. However, as we've discussed, this approach has significant drawbacks.

In reality, researchers have discovered many instances of ransomware with hidden keys. When they disassemble the code and find these strings, they can immediately reveal the decryption key to others. This is a critical limitation that highlights the need for more secure methods of encryption in ransomware attacks.

The Importance of Understanding Cryptography

While WannaCryptor's approach may seem sophisticated at first glance, it's essential to understand the underlying cryptography concepts. By knowing how these techniques work, researchers can develop strategies to combat them and create more effective countermeasures.

In conclusion, understanding cryptography is crucial for creating secure systems that protect against ransomware attacks. By grasping the basics of symmetric and asymmetric encryption, as well as the limitations of using these techniques in ransomware, we can better appreciate the complexity of these attacks and develop more effective ways to defend against them.

"WEBVTTKind: captionsLanguage: enSo we had some good feedback from the videoOn WannaCryptorbut, some questions about basically what it is,what it does, from an encryption point of view.and that, actually is a quite interesting topicbecause what it does is similar; obviously slightly different.but similar to what most of the other ransomware does, as well.So I thought we'd cover, pretty muchsort of the basics of what it is that ransomware doesbeyond it just has a private key and encrypts your data.which is obviously, sort of, the assumptionWe'll perhaps start with alook at a really rubbish one that I'm making up as I go along and we'll kind of build it up into a system thatKind of makes sense, and you'll see hopefully how it uses both symmetric and asymmetric or public key cryptographycombined to try andproduce an effective exploit. Okay, so let's imagine that I wanted to write aPiece of Ransomware - which I don't, I should add?I don't think people should be writing ransomware, butBut knowing a bit about how it works is quite a good way of understanding a bit about how cryptography works. There's really two majortypes of cryptography that we see a lot of like symmetric encryption and asymmetric encryptionwill put hash functions aside for one for one dayso symmetric encryption quite simply have one key forEncryption and the same key for decryption. All right? So a AES is a good example of ansymmetric block cipher that people use a lot of at the moment.Asymmetric Encryption or public key cryptography is where we have a separate key for encryption and another key for decryption?And that has numerous benefits in some circumstances and drawbacks in other circumstancesSo what WannaCryptor doesis combine both of these things to try and get a solution that first of all will run offline,so if they're not connected to their command and control servers they can still encrypt your disk andtheoretically decrypt it later - although the jury's out whether they actually will bother.So let's imagine that we're writing to some ransomeware, right? The first thingwe could do is we could choose anSymmetric Encryption cipher like AES, right? We could say what we're going to use AES and to do thatWe need a symmetric key, so I could developer. I'm programming this upI could write a piece of code thatSearches through all the files on someone's hard disk and for files of a certain typeI could replace that file with a copy of that fileThat's been passed through this cipherso I need to come up with a key so I generate the key. So let's call it Ks for the symmetric key.The difficulty here is if I'm going to use this key to encrypt people's data. It needs to have access to itSo either this needs to be sent to the malware as it's runningin which case there's going to be a compromise that the the keys been sent over networkHopefully people (researchers) could find it on the network, and then use it to decrypt someone's files without having to pay any moneyAlternatively, it's a very naive approach you could just bury it inside the code. People do this a lot. There are actualransom wares that have done this it's not the best approachSo you basically put this string Kssomewhere in the codeAnd then the ransomware is able to encrypt it and - when it wants to - decrypt the files. All right now obviouslythat's not a good solution becauseAnyone disassembling this code - and researchers do this within minutes of code being released -Will immediately find this string and then tell everyone: \"Oh look, the keys in this file\"Well, let's just decrypt it this way. And then write another tool which uses the same function and the same keySo that's not a good solution. To improve on this slightly, we can bring asymmetric encryption in. So this is our first attemptI'm working my way towards something competent, so don't judge me yet.So in asymmetric encryption we have two keys: We have a public key and a key privateNow, as long as the private key is kept secretthen in some ways we can encrypt everyone's files with the public keyAnd when they play the Ransom give them the private key. That's kind of a general idea.So early ransom ware worked this way.So when when the ransomware started it would generate a public and private key pairIt would send the private key off to a server somewhereTo hold it for Ransom and then it would encrypt everything with the public key. This usually uses RSA there are other options?We won't talk about the mathematics of RSAExcept to say that it's being very very difficult to calculate this private Key given only this oneso if you're not watching this when it gets installedThis private key is gone and all you can see is the public key, and then you're in a bit of trouble nowThere's a few downsides to this the first is thatAsymmetric Encryption is quite slow right the mathematics involved in RSA isIt's not too bad on a computerBut we do it generally for smaller messages. If you were trying to include a lot of someone's files with this it would take quitea long timeAnd also you have to have a connection to your commander control server if you'reMalware is running and let's sayThey're temporarily not on a wi-Fi or something like this, then what happens is it tries to upload this private key?And it can't so one two things happens, either. It has to stop or it just encrypts everything with the public key andwe lose the private key orThe private key has to be temporarily stored on a diskwhich isn't going to work well for holding it for Ransom, right? None of these solutions are very very good, soThat isn't a very good solution either. It's a bit slowAnd there's an issue of trying to upload this to a command control server, and how we're going to do thatso what modernRansomware does - and this is not exclusive to Ransom where lots of encryption schemes work this way -is a hybrid encryption scheme where the majority of the encryption so the actualencryption of your files will be done with AES or some symmetric cipher and that key will be protected by public key cryptography, soYou're holding of these private keys for Ransom and when you get it back you can then unencrypt Ks and unencrypt the filesThat's the ideaSo this is what WannaCryptor does. So WannaCryptor, when it's off in a directory,it starts undertaking lots of different tasks. One of the tasksIt does is start up threads for trying to spread itself using the eternal blue exploitBut the majority of the work in terms of Encryption is separate to that. And what it will do from inside its ownExecutable it will extract a zip fileWhich is also encrypted it would decrypt this using a password and then will extract those filesNow they hold things like hard coded bitcoin addresses that we know about thatYou're supposed to be paying this ransome, hard coded public keys of the server (which I'll talk about in a moment)the addresses, the tor addresses of the server for the tor hidden servicesIt extract all of these things and then it gets to work, encrypting your filesSo the first thing it does is it generates an RSA key pair.[If I start a new page, then then we won't be confused with my terminologythat essentially I'm making up as we go along, so...][I changed a couple of pieces aroundI haven't solved the rubics cube yet,I could but I like to annoy people with having it unsolved on the shelf it also takes me quite a long time]So okay, so when WannaCryptor installs itself and it starts runningIt needs to generate some keys, that it's going to use to encrypt your filesThe first thing it does is generate a public and private key pair for this infection. And these are for the client all right?So let's call them C_pub and C_private it. So we've generated a public key and a private key right?Now these are 2048bit RSA KeysSkipping over the math a little bit to try and calculate the private key if we didn't have itWe would have to solve a very largeinteger factorization problemwhich is not happening, sufficed] to say.Normally, what a ransom-ware would do now is, with this private key off to a command-and-control server,Delete it so that we never get it back unless we pay a ransom and then encrypt everything with this public key.but in a hybrid encryption scheme we work slightly differentlyStored inside the executable is a server's public key, this is a command and control serverSo this that we have here is S_pub. Now this public key has an associated private keyBut we have no idea what it is, right?it's stored somewhere on one those command and control servers or all of those command and control servers and these were generated theRansomware was created a while agoSo the client public and private keys are generated on the flyevery time it installs itself on anyone's machine the server's public key is stored inside the executable and it's always the sameand it'sAssociated with a service private key hidden somewhere else that we haven't got access if only we did it's worth mentioning at this pointThat if we could find the server and get this private key that would be good news right we could decrypt everyone's aroundRansoms files perfectit's hidden on the dark web, so the onion addresses that are supplied hard coded into one a krypter point toservers somewhere on the PlanetBut we don't really know where rightWe will deal with hidden services on another video because I think it's a real interesting topic what the client then does what one equipped?Er does it's got to try and protect thisKey so that it can hold it to Ransom so what it does is it encrypts it with the server's public keySo let's say it takes these down here and it produces pub of CPrivate like this is my strange notation . I'm sort of making up. This is kind of businessSo this is encryption right and we've encrypted this private key with the public key all right. So now it's totally uselessIt's completely mangledWe can't use it remember that in RSA these perform the opposite tasksso for example if I had all my files encrypted with C pub ICould decrypt them all again with C private right so that needs toSo the malware needs to stop me from getting to that file. Which is done now by encrypting itWe can't decrypt it again because we don't have the server's private keyThat's the issue here right, so then what happens is for all files the client will generate a f key which will callKF4 file right andEncrypt the file with then so we're going to store in essence C pub of k f andK f okay, so let's look at what I've just written here each client has its own public and private key pair right nowthat's important because theoretically if one person paid the Ransom and they said them let's say theShared private and public key pair, then everyone you seem to pay the Ransom problems away, right?That's not a foolproof solution. So what we do we generate an . We generate a kf aes keyFor every single file then we encrypt the fileWith that so let's just draw that in so it makes it makes it sense file, right so we encrypt the file with kfthen weStore that file on disk and we attach to it that key so that it can be undoneBut we hold it to Ransom by encrypting it with our clients public keySo let me run this which files are all in encrypted with a smash it key, so they're encrypted quicklyBut then that symmetric key is been encrypted with a brand new generated asymmetric key pairyeah, which is encrypted with thePublic-key, so that only the server can be tricked exactly right?So there's a kind of chain decryption here that we would have to solve if we wanted to undo all this and get ourFiles back would return us. Just one file on the disk to get our file backWe need to decrypt it with kf right, which is a symmetric keyunfortunately kf has beenEncrypted with this public key here for the client so need to work out what the private key for the client isUnfortunately again the private key has been encrypted with the public key of the serverSo the only way we can find this private key is to ask the server for its private key or more likelyAsk the server to decrypt it for us and send it backSo you can imagine a situation where you paid your ransom?Like someone on the other end decided that was and you were going to have you're going to get your files backSo to be clear you shouldn't pay the ransomBecause it encourages crime, and there's no guaranteeThey'll do this and in fact want to click - it looks like they're not really bothering right?I don't partly because there's a few implementation issues. It's not clear whose bitcoinsyou're paying - it should have had you should have had aSo most ransomware will have a bitcoin assigned for your client, so when it generates these keys it will also generate a bitcoin addressright so theoretically this is automated would pay the ransom and then theoretically they would choose toThey look at that bitcoin address and go okay. Yes. paid send them back the private key their private keyNot the case here right it seems to be kind of manual and in lock come is anyone's actually doing itBut I can sympathize with who have had their files encrypted ? It's one thing to say don't do itDon't do itBut you can imagine if you were in a where your family photos have been encrypted you might be quite desperate to get inthe back umsoHypothetically someone paid a Ransom and it was going to give itWhat would happen is the client would send off this encrypted private key right? Which it doesn't know anymore?to the server and the serverWould decide okay?they're allowed their files back for whatever reason andWould decrypt this with their private key so s proof right which I'll put in here s privateSpr. B. Right so they decrypt ourClient private key with their server private key and send it back the network like this is all happeningTor by the way nothing going over the open networkWe then have this private key back again which we can use to decrypt our k f whichWe can use to decrypt our fileAnd then it just iterates through all the files doing that process so you can see that the thingThey're actually holding to Ransom is the fact we don't know this private keyAnd they've encrypted our private key the benefit of this is you get the speed of aes?Which over a bunch of files on a disk is unbelievably quick?Somewhere around I think seven hundred megabits per second of encryption rate. I think on on a decent intel machine withAes instructions on itYou get that benefit?but you also have the benefit thatthe private Key but sort of the master key as it were it held only on the server and never needs to be sent toAnyone and the only way to undo all of this encryption is to know what that is and the other bonus is but you don'tHave to be online to do any of this some man somewhereIf it can't connect to the command and control server will immediately shut down which is nice of themI suppose because it means they're not going to encrypt your files if they know you can't get them backBut this doesn't do anything like that this encrypts your files first ask questions of a server laterSo if the command and control disappear there is no hope because this private key is gone. That's the ideaSurely at some point this aes key is in the clear because it's dead againYeah, and so is this private key right so at some pointWhile it's running this private key will exist and before. It's encrypted it will be in memory nowThere's a few problems first of all it's way too late for most people, right?But theoretically if antivirus being vigilant that might help but but not reallythe other thing is thatit's quite hard to access memory for other processes because ofFairly good security measures in windows and and any other operating systemBut separate out processes from one another really this is operating in its own address spaceit's quite hard for anything else to sort of get in there and quickly look at the keys andstick them in a file in that time period so really that isn't I don't think an avenue of research in terms of trying tofix this problembetter to do things like the web-based sinkhole that stopped it running completely and then keep a vigilant eye out for newVariants show up. You know Daily nowIs there any way of working out how those keys and using that technique? If it was using a poor?Encryption library right, then maybe there will be a weakness that you could use right as it is to generate these keysIt's using the windows standard Encryption library which is not bought. It's like. It's perfectly goodthat's a that's going to be a problemThe best bet at this stage of getting your files back is not paying a ransomIt's hoping that someone will find this server the real location of it and extract this master key at that pointEveryone else will be released within a day, but just does all this put it reverse process and solve the whole problemhas happened in the past to ransomware that's been brought downI believe Cryptolocker for example was an early ransomwareBut when they finally brought down the server they also extracted the master key and able to Publish tools to undo everythingno guarantee that will happen in this case right the dark web makes it quite hard to find these serversEspecially if for example the massive publicity surrounding this has caused them to essentially just do a runnernot even I mean I think the servers are still runningBut you know I don't know but what the end game for this is we don't know will they find the servers won't they willThis just all to disappear and unfortunately some people have lost some files. We'll have to wait and seeHow doing backups yes? What was the best way to back up then okay?Hang on put me on the spot nowSo the best way to do backups is multi-locationRight so not a single hard disk because it might dieBut also not hard disk sitting next to each other in case your house falls down and smashes hard this cloud storage isVery good because they have thisthat done as we built in if you don't mind giving your file to them and paying their costs right so some commonI use some combination Cloud storage andHard disks and burning to Blu-ray and things like this\n"