...and whoever did this is demanding a fee to be paid within 72 hours otherwise your information will be deleted. You've just been infected by Ransomware!
What is Ransomeware?
Ransomware is a type of malicious software (malware) that is designed to block access to a computer system or files until a sum of money is paid. It can be aimed at individuals or businesses.
Often you are infected by you or someone else within your organisation clicking an email link or opening an attached file. Commonly known Ransomware viruses include Cryptolocker, Cryptowall, and more recently, TeslaCrypt. The total number of Ransomware attacks is unknown, as many organisations and individuals just pay the money and move on, never reporting the attack.
If you do not have your files securely backed up, it is often impossible to decrypt your files, without paying the ransom demand.
Ransomware can affect smartphones and tablets too.
Smartphones and tablets are not immune. In New Zealand, people have been targeted through social media links or websites that encourage you to install a 'video player' app to watch content.
The Ransomware tries to scare, trick or even embarrass you into paying the ransom. For example the 'Koler’ and ‘Locker’ police themed Ransomware locks your screen and tells you that New Zealand’s Security Intelligence Service has caught you viewing child pornography, or downloading or watching illegally shared movies. It states they will contact 'witnesses’ and displays three of your contacts on screen with their names and numbers.
How can I protect against Ransomeware?
- Education: You need to make sure you and any staff you have are educated about the risks. Be very careful about downloading apps, opening files and clicking links. You should always verify the sender of attached files, and double-check the validity of webpage links before opening them.
Tip: Get your staff to complete our Digital Citizenship Assessment, which has a section on Keeping Safe Online. It's free and provides good advice on improving Internet skills.
- Up-to-date software: Ensure all your devices have up-to-date software. Check Microsoft Security Bulletins and ensure your systems are fully patched and up-to-date. From this link you can also check that you have the latest updates.
- Up-to-date anti-virus software: Most Ransomware can be detected by anti-virus software so check your subscription is up-to-date and that it has downloaded the latest virus definition files. If you have Android devices, consider installing anti-virus software on them too. Check out this article on virus protectors. It includes links to free virus protectors with some of the free products having desktop and mobile versions available.
Tip: Backup your data to a cloud provider (say fortnightly), but make sure that the cloud storage is not 'synced' to your local computer and it is only accessible through a browser.
- Backup all essential information: This will enable your system to be cleaned and rebuilt if it gets infected. Some Ransomware can target USB drives or network shares attached to an infected computer, so be careful where your backups are stored. Don't forget to test that your backup process is working, and that your backups cannot be infected.
- Health check your computer: If you are a PC user, Netsafe NZ recommends you use the Secunia Personal Software Inspector to look for weaknesses on your machines.
- If your organisation has a network (even a small one) consider limiting staff access to sensitive files and network drives, that will help limit the spread of an attack.
What can we do if we've become infected?
Netsafe NZ is a great resource and has a wealth of information on how to prevent security breaches and what to do when they occur.
With regards to Ransomware, check out the following information: