Ransomware is a type of malicious software that infects your computer and displays messages demanding a fee to be paid in order for your system to function again. To add to the stress, a time limit to pay is also displayed in most cases, which if not met, usually results in the either the fee increasing or the permanent deletion of all encrypted files.
The types of organisations hit by ransomware attacks is near endless. Hospitals, schools, government bodies, small and large businesses, and even banks haven’t been able to avoid attacks from one of the biggest cyber threats of 2016.
Ransomware, like many other types of Malware, can find its way on to your computer by being installed through deceptive links in emails, instant messages or websites. It has the ability to lock a computer screen or encrypt important, predetermined files with a password.
The fees can vary greatly- from as little a few pounds to 4 or 5 digit sums, and are usually in ‘Bitcoin’ a type of crypto-currency which has risen in popularity in recent years, partly due to the fact it is extremely hard to trace. One problem with this is that the average member of public will have no idea what Bitcoin is, or how to acquire or send it (even with instructions provided by the ransomware message).
These attacks are particularly damaging, of course, because of their payload – encrypting valuable data files and refusing to unlock them unless a ransom demand is met.
The threat of ransomware is well explained in this ESET video:
If you’re a home user who has their personal computer struck by ransomware, you may find that files with a priceless sentimental value (such a family photos and movies) may be at risk of being lost forever.
The criminals behind the attacks are banking on this, in the hopes you (or your business) will be prepared to pay up so that you don’t lose the files. The problem here though, is that you are trusting criminals to keep to their word and fix the problem after you pay up. Most attackers will generally keep to their word. In a sense, it is a business for them, and businesses work on reputation. If it got out that even after payment they would not deliver, people would stop paying altogether. There have been a few rare cases however, where the attackers did not care about their criminal reputation, and just took the money and ran.
But if ransomware does manage to encrypt your files, and you cannot access working backups your data, what should you do?
The FBI has published a list of tips to reduce the chance of ransomware being the ruin of companies (and some of them are applicable to home users too):
- Make sure employees are aware of ransomware and of their critical roles in protecting the organization’s data.
- Patch operating system, software, and firmware on digital devices (which may be made easier through a centralized patch management system).
- Ensure anti-virus and anti-malware solutions are set to automatically update and conduct regular scans.
- Manage the use of privileged accounts — no users should be assigned administrative access unless absolutely needed, and only use administrator accounts when necessary.
- Configure access controls, including file, directory, and network share permissions appropriately. If users only need read specific information, they don’t need write-access to those files or directories.
- Disable macro scripts from Microsoft Office files transmitted over email.
- Implement software restriction policies or other controls to prevent programs from executing from common ransomware locations (e.g., temporary folders supporting popular Internet browsers, compression/decompression programs).
- Back up data regularly and verify the integrity of those backups regularly.
- Secure your backups. Make sure they aren’t connected to the computers and networks they are backing up.
Prevention is always better than cure. Protect your computers – whether it be at home or in the office – from the threat of ransomware, and take the necessary measures so that if you are unlucky to be hit by a ransomware attack, you can recover.
For information about our work to prevent individuals and communities from becoming victims of cyber crime, please visit www.safeinwarwickshire.com/cybercrime
Be Cyber Streetwise is a cross-government campaign, funded by the National Cyber Security Programme. They aim to measurably and significantly improve the online safety behaviour and confidence of consumers and small businesses (SMEs).
Get Safe Online is the UK’s leading source of factual and easy-to-understand information on online safety. Their website offers advice on how you can protect yourself, your computers and devices, and your business against the likes of fraud, identity theft, viruses and other potential online problems.