Ransomware Is Real: Beware

Although you may not know this already, Ransomware has been around for more than a decade, with its latest victim being Lincolnshire County Council. The county council was forced to shut down its entire computer system for days. This case is an example of many other such cases being reported worldwide, and how serious this is.

The first case of ransomware was reported in the United States back in 2005, though it did spread like wildfire to the rest of the world. This type of computer infection/attack is notorious for blocking access to a person’s/company’s files in a computer system, or encrypting an entire computer network thus holding it hostage. Once the computer is infected, its user is ordered via a pop-up window to pay ransom of a certain amount. If the amount requested is paid in time, the attacker then sends a decryption key to help unlock the data.

Anyone (consumers, businesses, organizations, etc.) can be a target, which is why proper security and protective measures should be undertaken. Although Lincolnshire County Council was confident that they had the appropriate security measures, the attacker was still able to get into their computer systems. Experts analyzing this attack considered it a ‘zero-day malware’ as the attack was new to them.

Although the attacker demanded £1 million to restore the county council’s data, they didn’t get even a penny, as the council declined to pay. This however forced them to switch off all computers and computer systems within the county to take control of their computers. The IT department had to sweep all computers to stock the malware from spreading, and to secure their data farther. This move however forced the county’s staff to switch to old-school methods such as pen and paper to serve the public. It took 4 days for the IT administrators to do a thorough sweep and restore data.

Any computer connected to the internet can be infected with the ransomware virus, as all it takes is receiving and clicking on an email containing an attachment with the virus. Once the malicious code/virus gains access, it freezes the computer making it impossible to use it.

CDT-Locker is one of the latest strands of ransomware, and is almost impossible to detect. The malware can be hidden in documents or other files making it almost impossible to detect even by the strongest and most efficient security systems. The worst thing about this is that, hackers embed the malicious code in files that appear legitimate, thus making it easy to attack almost anyone.

One of the easiest ways that hackers use to target individuals is by posing as a utility company, then sending you a file that needs to be downloaded into your computer to fill out. These hackers also use the social media to reach out to unsuspecting people by either sending them infected links, under the pretense of a trusted friend. Clicking on the link or simply downloading a document from an email send to you makes you a victim.

Hackers are crafty and will use almost any trick to attack you or your company. Nonetheless, being careful with what you do online and ignoring emails from unknown senders is however recommended. In addition to this, have the latest anti-virus software installed on your computer to boost your security online. Backing up all important information from computers and other systems within the network is also recommended. A computer backup system (not connected to your computer) can help you retrieve data if targeted by a ransomware.

If a target of ransomware, you should:

  1. Disconnect the infected computer from any network, and turn it off. This helps prevent the virus from spreading to other computers within the network, especially if on a shared network.
  2. Report the attack to the local authorities – the police.
  3. Do not pay anything. The hackers may or may not send you the unlock key. Paying also encourages them to attack more people.