Understand the rising threat of ransomware
Ransomware is an ever increasing issue, a new trend that affects many PC users worldwide. According to threat reports of McAffe labs the first quarter of 2015 had a 165% increase in new ransomware, just to get an idea of what this means a Cybersecurity market report by Cybersecurity ventures reports that ransomware cost 18 million USD over the past 15 months. As per Matthew Rosenquist in his article Top10 Cybersecurity Predictions he forecasts the growth of ransomware and a shifting of attacks to become more personal.
We know how serious a threat is ransomware and that you will, if not already come across it. According to wikipedia “Ransomware is a type of malware that restricts access to a computer system that it infects in some way, and demands that the user pay a ransom to the operators of the malware to remove the restriction. Some forms of ransomware systematically encrypt files on the system's hard drive using a large key that may be technologically infeasible to breach without paying the ransom, while some may simply lock the system and display messages intended to coax the user into paying.” A very good example of a ransomware especially in Cyprus is the “Police Virus”, where it blocked the user’s screen displaying a fake message “from” the Cyprus Police that the computer is blocked due to being involved with the distribution or pornographic material, SPAM, and copyrighted content asking the user to pay 100EUR to unblock the PC. (This malware is quite easily removed from the PC)
A few tips on how to protect yourself from ransomware
1) Use reputable antivirus software and a firewall. Maintaining a strong firewall and keeping your security software up to date are critical. It’s important to use antivirus software from a reputable company because of all the fake software out there.
2) Back up often. If you back up files to either an external hard drive or to an online backup service, you diminish the threat.
3) Enable your popup blocker. Popups are a prime tactic used by the bad guys, so simply avoid even accidentally clicking on an infected popup. If a popup appears, click on the X in the right-hand corner. The buttons within a popup might have been reprogrammed by the criminals, so do not click on them.
4) Exercise caution. Don’t click on links inside emails, and avoid suspicious websites. If your PC does come under attack, use another computer to research details about the type of attack. But be aware that the bad guys are devious enough to create fake sites, perhaps advertising their own fake antivirus software or their de-encryption program.
5) Disconnect from the Internet. If you receive a ransomware note, disconnect from the Internet so your personal data isn’t transmitted back to the criminals, if you cannot fix it yourself then take your computer to a reputable repair shop.
6) Alert authorities. Ransomware is a serious form of extortion.
With approximately 30000 infections per day around the globe (ref. Candid Wueest from Symantec) we must be more careful to avoid these malware especially since criminals started targeting mobile devices as well, both android and iOS devices. Ransomware can prevent you from accessing your PC or mobile device, encrypt files so that you can’t use them, stop certain apps from running (like your web browser) and they will demand that you do something to get access to your PC/mobile or files, things like pay money or do surveys. There is no guarantee that paying the money or doing what the ransomware tells you will get access to your PC/mobile or files. Do not be tempted to give in and pay the ransom, chances are that if you pay once they will further request more ransom. Your best bet against ransomware is to take precautions to protect your information.
George Agathangelou
Professional Services Director
MCTS, MCSA, CCSE, CITM, DCUCSS, RSA CCE
HP-ASE, HP-APS, HP-ASP, STS, VSP, VTSP
IBSCY Ltd