Ransomware is a form of malicious software that provides cyber criminals with the ability to lock a computer / computer network from a remote location. A display notice will appear informing the user and will not be unlocked until a sum of money is paid (ransom). Recent examples in the media include CryptoLocker, Cryptowall and WannaCry (and variants of these under different names).
In some cases, one function will be available to the user and that is a number keypad to enable payment. Often payment is requested in the form of Bitcoin.
Fraudsters are manipulative and sometimes include an additional twist of an accusation of illegal activity or a pornographic image on the locked screen, making it more difficult through embarrassment for some users to seek help from anybody else, and simply resort to paying the ransom. Paying the ransom will not guarantee the unlocking of the computer.
The loss is that you could be down tools for a number of days replacing your equipment, loss of files and as a result loss of income.
Your computer could be infected by ransomware in a number of ways:
- Opening a malicious attachment in an email.
- Clicking on a malicious link in an email, instant message, social networking site or other website.
- Opening corrupted macros in application documents (word processing, spreadsheets etc).
- Visiting a corrupt / fake website.
- Opening infected files from web-based digital file delivery websites.
- Connecting corrupt USB connected devices (eg memory sticks, external hard drives, MP3 players).
- If any computers have been locked by ransomware, seek professional advice from a trustworthy source. Even then, it is possible that you may never be able to access your files again.
- Don’t click or reply to attachments, banners or links without knowing their true origin.
- Never reply to spam emails.
- Visit only websites you know to be reputable.
- Don’t install or run non-trusted or unknown software. Do not install programs or applications on your computer if you do not know where they come from. Some malware installs background programs that try to steal personal data.
- Update your software regularly. Many malware infections are the result of criminals exploiting bugs in software (web browsers, operating systems etc.). Keeping these up to date can help to keep your devices and files safe.
- Install and keep antivirus and firewall software updated on your devices. Antivirus can help keep your computer free from the most common malware. Remember always check downloaded files with antivirus software.
- Use only official sources and reliable websites to keep your software updated with the latest security releases. Always use the official version of the software.
- Don’t install mobile apps from unknown providers/sources. Always download from official, reputable and trusted sources/app stores.
- Regularly back up the data stored on your computer. Even if you are affected by Ransomware, you will still be able to access your personal files (pictures, contacts, etc.) from another computer.
- To detect and remove ransomware and other malicious software that may be installed on computers, run a full system scan with an appropriate, up-to-date, security solution.
- Do not pay out any money if held to a ransom request. Paying does not guarantee that your problem will be solved and that you will be able to gain access to your files again. Furthermore, if you pay you will be supporting cybercriminals’ businesses and the financing of their illegal activities.
- If you are a victim of Ransomware, report it immediately to the Gardaí/Police. The more information that you give to the authorities, the more effective they can be in disrupting the criminal infrastructure behind these scams.