Hijacked computers and files

Posted on: November 19, 2013 | By: Christina Bonds | Filed under: Tech Tips, Info Security

Malware is a term that combines the words ‘malicious’ and ‘software’.  Malware is unwanted software installed on your computer to cause damage or steal information.  Viruses and worms are both considered malware.  There is another form of malware you need to be familiar with which is called ransomware.

What is ransomware?

Ransomware is installed by criminals to limit access to your computer or files until you pay them a certain amount of money.  It usually generates a webpage, pop-up window or email with a message that explains your computer or files have been made inaccessible and tells how to submit payment to regain access.  It is important to note these messages will appear to be from legitimate authorities or businesses such as the FBI, FedEx and UPS.

What are the types of ransomware?

There are currently two known types of ransomware – lock screen and encryption.  Lock screen ransomware prevents you from doing anything on your computer until you remove the malware.  Encryption ransomware is more damaging because it encrypts (scrambles) your files so they can no longer be read.

CryptoLocker is the encryption type of ransomware which surfaced this year and its infections are on the rise.  Your computer gets infected by clicking on what appears to be a PDF attachment in an email.  Once the file is clicked, CryptoLocker encrypts all of the files it can find.  Once it is complete, it displays a message telling you how to pay to get your files back in a readable state.  The criminals hold the key to decrypt your files so they can be read again but they demand you pay them money, usually within 72 hours, in order to get that key.

Ways to avoid ransomware

The following tips can help to protect against ransomware and other forms of malware.

  1. Install an antivirus solution and be sure to keep it updated.
  2. Be careful when clicking links and file attachments in emails even if you know the sender.  Were you expecting the email?
  3. Make sure your files are being backed up regularly.  You can restore from your backup if your files become encrypted.

What to do if you suspect you are a victim of ransomware

The following steps can help if you think you are a victim of ransomware.

  1. Do not pay the money (ransom).  There is no guarantee you will regain access to your files or computer once you pay.
  2. Have an IT or computer professional to look at your computer to clean it.  Tell them as much information as you can about what happened.
  3. Change all passwords.

References

http://www.us-cert.gov/ncas/alerts/TA13-309A

http://www.microsoft.com/security/resources/ransomware-whatis.aspx

Christina Bonds

Christina Bonds, CISSP, is an Application Developer at Elon University

More Posts

 

Comments are closed.