Are hackers trying to take over your computer and demand payment?
Ransom malware is currently the extortion vehicle of choice for online criminals: hackers infiltrate your computer and can then threaten to harm your data or lock you out of your own computer.
Perhaps you've seen the official-looking pop-up warning from the Australian Federal Police alleging that you have breached copyright, visited pornographic sites or broken other laws. The pop-up then blocks access to your computer, leaving you to either pay the infringement notice or reboot your system and lose any unsaved work.
The next level up from this is ransom malware that is inadvertently installed on your computer through unsolicited emails, hijacked websites infected with malware, or exploitation of vulnerabilities in out-of-date software, including web browsers, Java, Adobe PDF and Adobe Reader, media players and everyday programs.
Once the malware has been inadvertently installed by the simple click of a mouse, it goes to work behind the scenes damaging the system, then locks or blocks access to the system and launches a message or email requesting payment to reverse the damage it caused. The payment method can be anything from a wire transfer or online voucher to a premium-rate text message, and can look quite legitimate. Once payment is complete, the malware reverses the damage and restores access.
The more complex ransom malware will launch a data encryption program that locks away your valuable data, and this is the scariest type of ransom malware. Encrypted data is almost impossible to get back without paying the hackers to launch the decryption program. Usually the recommended course of action is to format your system and restore from a recent backup. Of course, this is conditional on you having a recent full system backup available.
Mitigation techniques for business.
Staff training - do not open unsolicited emails and attachments. Spam mail often looks like it was sent by a known associate, but it is really a harmful email that should not be opened at all. Delete suspicious emails immediately, or call the sender to authenticate the message before opening.
Websites - implement a policy limiting internet web browsing on specific computers. Limiting access to web sites lowers the risk of becoming infected.
Anti-virus, malware and firewall protection - invest in a full security software suite to protect your business from infection.
Keep all software up-to-date - ensure all updates for programs are applied frequently and consistently. These updates often include critical security fixes that plug holes found in programs.
Consult an IT expert to put a disaster recovery plan in place and to ensure the business has tested and validated procedures in place for emergency scenarios. Ransom malware can be a serious threat to a business, but so can a fire - backups are essential for every business. Imagine if tomorrow you got to work and there were no computers, or all your data was gone. Would this affect your business, your customers, your staff? What sort of cost would be involved in reconstructing your data, if that is possible at all? Always plan for the worst and hope for the best.
Happy Computing :-)
Unit 8, 14 Rothcote Court Gold Coast BURLEIGH HEADS QLD