In the first quarter of 2016, a record breaking amount of ransomware has been an evident problem for IT security professionals all across the world, specifically, for Australians it has caused a large amount of disruption. Security and the preventative measures in which can be taken in order to minimize the risk of ransomware must be planned and implemented as efficiently as possible, as soon as possible across all sizes and types of organisations.
Before we dive deeper into the issue however, you may be asking what exactly ransomware is?
Ransomware: A type of malicious software designed to block access to a computer system until a particular sum of money is paid. While it is mainly targeted at individuals, the trend of targeting businesses and company networks has been increasing.
What’s An Example Of Ransomware?
First things first, we must understand that the growth in ransomware has a direct correlation to how lucrative and attractive it can be financially to cyber criminals . Instead of using credit card and payment data in a completely unethical manner, the idea of being paid for essentially holding up your personal data is yet another unethical revenue stream that can be explored by these cyber attackers.
One of the largest outbreaks going around at the moment is to do with a FAKE Australia Post account that notifies you of a non-existent “parcel” as such encouraging you to check tracking. By clicking the link, you will be transferred to a website that looks almost identical to the Australia Post website, however, it is the complete opposite. You would then typically be conned into downloading a type of torrent software (through the download information tab in this example) which would ultimately encrypt (make all files unable to access) and the only way in which you can access them, is to of course pay the ransom, however, this should never cross your mind. Even when paying the fee, there will be no guarantee that you will even be able to access your files again. Under no circumstances should you ever pay this sum!
So…How Can You Decrease The Risk Of Ransomware?
- Never enter any Captcha codes (in the above example the 26974 code to “download” information)
- Hover over the link to see the address of the landing page before clicking on the link. This is vital as more than likely it will have a url that has NOT got the same domain name as the company it’s “claiming” to be
- Never download anything off the landing page you have been taken to. If you do find yourself in this situation, make sure you exit the page quickly and don’t pay or enter any further information to comply with the cyber attackers threats
- The most important thing is to make sure you have a backup / offline strategy in case this situation does happen or is for some reason unavoidable. If your computer is compromised with the data stored within it, more than likely that data has already been compromised and you aren’t going to pay them anything or even negotiate. If you have an offline or backup strategy that is up to date, then all data lost can be recovered and uploaded to a new server or network.
- All users will need to stay alert when accessing any secure payment website that starts with the url: https://. As evident in the photo below, the certification logo shouldn’t show any errors and should be identified as authentic. If not trusted, then the identification will fail and thus it is evident that it is a potential ransomware attack.
These are only some of the ways in which you as the user or admin can take control and educate any staff or members of an organization to be careful when it comes to ransomware. This is becoming a big enough problem as it is and proper measures must be put in place to ensure that the risk is minimized as much as possible as well as sufficient backup solutions have been achieved.If you currently do not have any of these risk management tools in place, please contact Excite IT for any advice or information as to how we could assist you in these areas.
