Monday, July 18, 2016
How ransom hackers use ransomware to infect computers and demand payments. How to stay safe from it and what to do if infected. The value of IT security training.
‘Ransomware’ Is Another Online Risk To Protect Against
Following a long line of online threats such as viruses, malware, spyware, phishing and more is ransomware - a nefarious piece of code that, as its name suggests, involves charging a ransom to the user. It’s a very real threat and computer users need to be aware of it and protect themselves.
What is Ransomware?
It’s a piece of software hackers use to lock you out of your computer. The only way to unlock your machine again is to pay their ransom demand; if you don’t, then your files will be inaccessible. They’ll either be removed completely or you’ll be locked out of them as the ransom software encrypts them.
Other than paying up, the only way to get control back over your files is to reformat your system and ‘start again’ - so if you take this drastic step you’d better be sure everything was backed up recently.
Along with the traditional hacker and cyber criminals’ usual target of Windows-based computers, other platforms are at risk from ransomware such as Android, Linux, Apple iOS and OS X.
According to computer security experts Sophos, ransomware originated from seven or eight criminal organisations but has spread as it has been sold to many smaller users on the black market.
What Sort Of Ransoms Are Being Charged?
Amounts up to around $500 are being charged according to some computer security experts, although the trend is for the hackers to ask for payment in vouchers such as those for the Apple iTunes store or Amazon. Originally, to protect themselves, the hackers tended to ask for ransoms to be paid by anonymous, non-traceable digital currency such as bitcoin. Because many of their victims weren’t familiar with it they’ve changed tactics hence the use of vouchers in payments.
How Ransomware Strikes
Like other viruses and malware, ransomware has to be downloaded by the user. It doesn’t just ‘appear’ on a computer, although the download is hidden so the user doesn’t realise what has happened.
By email - for example, a convincing looking email may arrive looking like one from the user’s bank or similar. There will be a link on it or an attachment and, because the reason for asking to click the link or download the attachment sounded plausible, the user clicks it and this basically allows the ransomware onto their hard drive.
Suddenly the user can’t access their files and may see a counter showing how long before their hard drive is erased unless a ransom is paid.
The all-important email you received originally from the hackers is of course crafted to make you ‘fall’ for the contents. They’ll make it as credible as possible using sophisticated techniques such as social engineering, and timing them according to subject matter. For example, emails supposedly from tax authorities may be sent round about the time tax returns are due and so forth.
By Website - poorly structured and insecure websites can pass ransomware on. The hackers can add their ransomware to links and ads, so just clicking on them can be enough to infect your system.
What To Do If Ransomware Strikes
Firstly, do not pay the ransom. Yes, you may lose your files but if you back up regularly you’ll be able to restore them, and by not paying you’re helping prevent the proliferation of this type of cyber crime. There’s also the likelihood of malware still being on your computer even if you do pay the ransom.
You could buy a computer programme to decrypt your files, but this could be expensive and it may not work effectively against the particular ransomware you’re infected with.
The easiest thing to do is reinstall your operating system and start again.
Protecting From Malware
Update software and operating systems - a basic step but very important as hackers sometimes rely on users not keeping their systems up to date. Vulnerabilities in older versions of software are often used as entry points for malware, so ensure you’re running the latest version of the operating system (including incremental updates), antivirus and other software.
Backup - make regular backups so, if the worst happens and you have to reinstall your operating system as discussed above, you’ll have up to date versions of your files to reinstall.
Be careful when backing up, however. If using the cloud, for example, log out when backing up is completed as ransomware could affect backed up files if allowed to access them. The same applies if you’re using an external hard drive - disconnect it when backing up is finished to remove any risk of ransomware encrypting your backups.
Professional Security Help
Along with ransomware, other malware and security risks such as phishing are an everyday hazard for computer users - and even users of tablets and smartphones - so some expert help is well worthwhile.
If you have staff, then training from experts in how to protect themselves online in the workplace might be considered. Often being aware of the risks and what to look out for can prevent them at source, and a good security expert can also show and implement ways of making office systems more secure.
Stuart Macleod is the director of Networking 2000 IT Support in Romford, which provides contract-based IT support for businesses in Essex and London.