
Cyber Security: Ransomware

Ransomware programs encrypt your data and hold it hostage, waiting for a cryptocurrency payoff.

It is a very popular form of malware.

Ransomware criminals have recently crippled companies, hospitals, police departments, and even entire cities by making it impossible to access their files.

Most ransomware programs are Trojans, which means they have to be spread through social engineering of some sort.

Once executed, most look for and encrypt users' files within a few minutes of infection.

However, some ransomware Trojans now take a "wait-and-see" approach. By incorporating spyware within the Trojan, the hacker can watch the user for a few hours before setting off the encryption routine. The 'malware admin' can then figure out exactly how much ransom the victim can afford and also be sure to delete or encrypt other supposedly safe backups.

Ransomware can be prevented just like every other type of malware program, but once executed, it can be hard to reverse the damage without a good, validated backup.

According to some studies, about a quarter of the victims pay the ransom, and of those, about 30 percent still do not get their files unlocked. Either way, unlocking the encrypted files, if even possible, takes particular tools, decryption keys and more than a bit of luck. The best advice is to make sure you have a good, offline backup of all critical files.

If you have suffered an attack

If you have suffered a ransomware attack you may be able to use information provided by https://www.nomoreransom.org/ to recover your data.

This is a scheme set up by Europol, the Netherlands Police, McAfee and Kaspersky to analyse ransomware and identify the decryption keys to recover data (see https://www.bbc.co.uk/news/technology-49096991).

 

On Windows 10: run the Malicious software removal tool: https://support.microsoft.com/en-us/help/4026667/windows-10-how-to-remove-malware-or-viruses.

In a worst-case scenario, you may need to:

reformat your hard drive,

reinstall your operating system and

reinstall your keys.

You will then need to reinstall any programs you use and then your data from your secure backup files.

Note that a slow-running, old computer can be caused by a build-up of dust in vents, fans and internal surfaces, which makes the processor slow down to avoid overheating.