Meander Valley Gazette

Your Independent Community Newspaper

Cyber crims using high tech extortion

Feature | Joanne Eisemann

December 2015 | Alistair Carr

FOR A COUPLE of years now a rather nasty bit of ransomware called Cryptolocker has been doing the rounds.

Once on your computer, this awful piece of software starts encrypting your personal files. This means all your documents, photos, and the like cannot be opened by you.

The only chance of recovery of these files is by paying the ransom (hence the name ransomware). Details on how to pay are part of the message you receive about your files “being encrypted for your own protection”.

This warning may even include a (fake) logo purporting to be the US Department of Justice and the FBI and claim your files have been locked because you have visited illegal sites.

This ransomware will also encrypt personal files on any external drives attached to your computer, any personal files stored in mapped network drives, network shares, and cloud services like Dropbox, OneDrive, iCloud or other cloud storage that shows up as connected to your computer.

It may also encrypt backup files created with specialised backup software if those files are stored on any of the above storage systems. The only safe data is data stored on write-once media like DVDs or CDs, or on external storage that is not connected to a computer.

Removing most variants of Cryptolocker is not all that difficult (most antivirus programmes will remove it).

However, this does not unlock your files. The only way to unlock your files is to pay the ransom. This is generally paid via Bitcoin and can vary from around $200.00 up to thousands of dollars. Even then, paying is no guarantee of getting your files unlocked.

The good news is the Cryptolocker network was taken down last year by the U.S. Department of Justice (DOJ), along with law enforcement agencies in Australia, Germany, France, Japan, Ukraine, the U.K. and others. This has slowed the spread of Cryptolocker.

The bad news is new variants generally referred to as ‘Cryptowall’ have sprung up.

Most infections appear to be coming from attachments in spam email and drive-by downloads.

Crucially, these attacks are usually downloaded and run in the background in a manner that is invisible to you, and without you clicking on anything.

Just the act of viewing a web page that harbours this malicious code is enough for the attack to run!

So how do you avoid getting Cryptowall? First, make sure you have some form of security suite software installed.

Keep Windows up to date with Microsoft security patches, avoid clicking on emails from unknown senders, especially those with attachments, and even be wary of email attachments from people or businesses you know, especially if they are not expected or have odd titles or text.

Lastly, make sure you do regular backups or copies of your personal data to an external hard drive that is only connected to the computer when doing the backup.

Of course, do not connect the drive to do one last backup if you are already infected or think you may be infected.