Makerere University


The computer virus that blackmails you! (Cryptolocker and Bitcoin Ransomware)


Dear Staff and students

Ransom-ware (look at understanding Ransomware) is the latest tool in the cyber criminal's arsenal. It essentially works by blocking access to your files while simultaneously demanding payment in return for restoring access – an attack that can earn cyber criminals big money. Most victims have been random citizens infected by a phishing e-mail, spam or a fake software update. It may also arrive via a drive-by-download attack on a bogus or spoofed Web site.

Users usually become infected after clicking a link or opening an attachment, and the virus will then look to encrypt the hard drive. The ransomware alert will appear on screen and cannot be minimised. At this point, the attacker(s) will request a 'modest' amount of bitcoins/digital money for the files to be unlocked.

The danger in paying is that there is no guarantee that the cyber criminals won't return for another payday. The best bet is to go back to your most recently backed-up files.

The question is: could ransomware be used to hit organisations that hold the most capital – that is, the banks? Up until this point, the answer has been a straight 'no'. Banking defenses are better than most other sectors, and the only ransom-ware to target banks was actually aimed at their customers, mainly through phishing e-mails.

This new strain of ransom-ware virus, known as Bitcoin, is very similar to its predecessor Cryptolocker, which encrypts large volumes of files. People who have been affected by Cryptolocker have had a large number of their files encrypted and are therefore unable to access them. These files are primarily popular data formats: files you would open with a program like Microsoft Office, Adobe programs, iTunes or other music players, or photo viewers.

HOW TO PROTECT AGAINST RANSOM-WARE (Bitcoin and Cryptolocker).

Measures against Bitcoin and Cryptolocker are mostly preventive rather than curative.

1) ALWAYS BACK-UP YOUR DATA: The biggest scare of Bitcoin and Cryptolocker is that once the files are encrypted, there's hardly anything that can be done to restore (decrypt) them. Therefore always keep a back-up of your files on a removable drive or on the cloud (Google Drive, Microsoft OneDrive, Dropbox etc).

2) SHOW HIDDEN FILE-EXTENSIONS.
One way that Cryptolocker frequently arrives is in a file that is named with the extension ".PDF.EXE", counting on Windows' default behavior of hiding known file-extensions. If you re-enable the ability to see the full file-extension, it can be easier to spot suspicious files. (Click the Start menu > Type "folder options" (without the quotes) > A dialog box with the title "Folder Options" will appear > Click to uncheck the box for "Hide extensions for known file types" > Click the "OK" button at the bottom of the dialog box.)

3) PATCH OR UPDATE YOUR SOFTWARE.
Always make sure your operating system files are up-to-date (Start > PC settings > Update and Recovery > Windows updates > then click "Check for updates").

4) USE A REPUTABLE SECURITY SUITE: The university-wide enterprise security solution, Sophos, should always be kept up to date: http://viruscheck.mak.ac.ug/. Also visit https://www.sophos.com/support/knowledgebase/120797.aspx

5) Avoid downloading unknown file attachments in your emails and clicking on pop-ups and unknown downloads.
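The ".PDF.EXE" disguise described in step 2 can also be checked for automatically, for example over a list of attachment or download names. The script below is an added example, not part of the original advisory; the extension lists and sample file names are assumptions constructed for illustration.

```python
from pathlib import PureWindowsPath

# Assumed lists for illustration; extend them to match local policy.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif"}
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}

# Constructed sample names, e.g. taken from a mail attachment listing.
SAMPLE_NAMES = [
    "Invoice.PDF.EXE",
    "timetable.pdf",
    "setup.exe",
    "notes.final.docx",
    "photo.jpg.scr",
]


def explorer_display_name(filename: str) -> str:
    """Name shown while "Hide extensions for known file types" is ticked.

    Simplification: the last extension is treated as a known type.
    """
    path = PureWindowsPath(filename)
    return path.stem if path.suffix else path.name


def is_disguised_executable(filename: str) -> bool:
    """True when an executable extension follows a document-style one."""
    suffixes = [s.lower() for s in PureWindowsPath(filename).suffixes]
    if len(suffixes) < 2:
        return False  # a plain "setup.exe" is not pretending to be a document
    return suffixes[-1] in EXECUTABLE_EXTS and suffixes[-2] in DECOY_EXTS


def scan(filenames):
    """Return (real name, name the user sees) for each suspicious entry."""
    return [
        (name, explorer_display_name(name))
        for name in filenames
        if is_disguised_executable(name)
    ]


if __name__ == "__main__":
    for real, shown in scan(SAMPLE_NAMES):
        print(f"SUSPICIOUS: {real!r} is displayed as {shown!r}")
```
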

Please visit the Microsoft Security Center for more information on ransom-ware.

https://www.microsoft.com/security/portal/mmpc/shared/ransomware.aspx
