Ransomware: malicious software designed to block access to a computer system until a sum of money is paid.
Ransomware has become one of the most widespread and damaging threats facing internet users. According to an article in the Irish Independent “this type of computer attack is now “rampant” in Ireland.” Ransomware even featured in a Season 6 episode of The Good Wife when the firm’s entire IT system was shut down until they paid up. Of course, they had Kalinda, the investigator who identified the baddies and sorted it before the payment deadline!
According to the BBC there are now 124 separate families of ransomware with a 3,500% increase in attacks.
Ransomware typically propagates as a Trojan, entering a system through, for example, a downloaded file (as it was on The Good Wife) or a vulnerability in a network service.
When the file is opened, the system is restricted or locked. A message then appears on the user’s desktop explaining how a ransom can be paid within a set timeframe. When payment is made, a decryption key is provided. The ransomware will then delete itself leaving just the encrypted files and ransom notes behind.
Often networked Windows back-ups are deleted at the same time to prevent data recovery.
The University of Calgary recently paid USD$16,000 in a ransomware attack. A few hospitals in Germany and North America have been hit in the last 4 months as well as a Michigan electrical and water utility. Bitcoin is the payment method of choice by the bad guys.
As most of us don’t have our own Kalinda, here are 10 easy ways to
Protect against ransomware
- Backup regularly and keep a recent backup copy off-site (and offline)
- Don’t enable macros in document attachments received via email
- Be careful with unsolicited attachments
- Don’t stay logged in as an administrator any longer than is strictly necessary
- Avoid browsing, opening documents or other “regular work” activities while you have administrator rights
- Install Microsoft Office viewers
- Keep your operating system and software up-to-date with the latest patches
- Stay up-to-date on new security features added to your business applications
- Set Notepad to open .JS files by default
- Show files with their extensions
For more information download the Sophos white paper.
Related: 6 tips to prevent ransomware attacks on your backups