How Linguistics Cracked The Ransomware Code
Cyberattacks, bugs, viruses, cybertheft, malware or ransomware … a breach of data security under any name is formidable. But, leveraging linguistic analysis is proving to be a valuable tool in cracking a hacker’s code.
As technology advances, the sophistication and intricacies of cyberterrorism add new complexity to data and risk management. However, each attack embeds identifiers in the code that can help lead authorities to the correct perpetrator.
Global law enforcement officials search for those identifiers within the malware to lead to the source of the attack. By analyzing language trends within the code, authorities can make assumptions about where the attack originated.
For example, with the WannaCry ransomware scam, ransom letters were sent out in different languages. But linguistic nuances appeared as errors in generic translations by free machine translation engines.
Experts saw that the hacker’s use of certain Chinese characters hinted at fluency, while the failure to recognize grammatic and contextual cues in other languages supported forensic claims.
You want to be careful of the accuracy of machine translation by itself, especially from free translation sites. (Note: Linguistic Systems uses advanced, proprietary statistical and neural engines for its machine translation. We then add human translation as needed, to get to the desired quality level.)
According to Flashpoint authors Jon Condra, John Costello, and Sherman Chu, in an article published May 25, 2017, “A number of unique characteristics in the note indicate it was written by a fluent Chinese speaker. A typo in the note, “帮组” (bang zu) instead of “帮助” (bang zhu) meaning “help,” strongly indicates the note was written using a Chinese-language input system rather than being translated from a different version. More generally, the note makes use of proper grammar, punctuation, syntax, and character choice, indicating the writer was likely native or at least fluent.”
Data security starts with a commitment to confidentiality. Although free translation sites may seem like a quick and cost-effective choice to translate your documents, they can expose you to risk.
Even Google Translate’s FAQs confirm this possibility: “The stored text is typically deleted in a few hours, although occasionally we will retain it for longer while we perform debugging and other testing. Google also temporarily logs some metadata about translation requests (such as the time the request was received and the size of the request) to improve our service.”
The lack of accountability of free translation sites may contribute to lower quality translations. Forgoing the expertise of human insight probably gave authorities valuable clues to the location of the WannaCry Ransomware hackers. It also highlights the flaws of machine translation software in general, particularly on free sites.
Using a free online translation tool may seem cost-effective, but it invites a third party to engage with your content — one that cannot be held accountable in the event of a security breach. This exposes you to risk.
To be sure that you have the most secure and accurate translation, put your trust in a translation service provider who can offer you the cost- and time-effective methods of machine translation complemented with the expertise of human translation as needed. Choose a service provider with a strong history of excellence in translation and confidentiality supported by multiple security certifications.
We’ve got you covered in all those areas.
EDITOR’S NOTE: Linguistic Systems maintains an information security management system certified to the requirements of the ISO 27001 information security standards.