Hackers holding data hostage for cash in ‘ransomware’ scams
According to information security company Trend Micro Inc., its security software detected ransomware on 62,400 personal computers from January to November last year.
So-called ransomware attacks are spreading, in which hackers use malware to lock data on a victim's computer and demand money to restore the data. Smartphones are also at risk of being infected with ransomware, and victims could lose important data such as family photos. Careful countermeasures are needed.
For all latest news, follow The Daily Star's Google News channel. According to information security company Trend Micro Inc., its security software detected ransomware on 62,400 personal computers from January to November last year. While the figure covers an 11-month period, it is nearly 10 times the previous year's 6,700. The number of reports of damage also rose to more than three times the level the year before.
In addition, the number of cases in which ransomware has been detected on smartphones equipped with the Android operating system has been growing rapidly.
Ransomware spreads mainly via spam emails. A computer is infected by opening a file attached to an email or another operation. As a result, images, videos, documents and other files are encrypted, making it impossible for victims to open them. Computers may also be infected via websites that have been illegally altered.
At about the same time the data encryption occurs, a message appears onscreen, demanding a ransom to restore the data taken hostage. The amount varies, but many victims have been asked to pay tens of thousands of yen (hundreds of dollars). Virtual currencies such as bitcoin are used for payments, which are made online so it is unknown who will receive the money.
Home PCs 'no exception'
The media often report damage to companies and organisations, but home personal computers have also been affected. "Emails that infect computers with ransomware are distributed to a number of unspecified targets, and personal computers at home are no exception," security specialist Katsuyuki Okamoto of Trend Micro said.
Recently, there have been severe cases in which hackers destroy data after the payment deadline has passed or completely disable computers so victims can't use them by locking the computer screen.
Even if a victim pays the ransom, there is no guarantee the data will be restored. "The money can be used to fund criminal organisations, which could cause further harm, so victims should not pay it," Okamoto said.
According to Senior Security Researcher Nobuhiro Tsuji of SoftBank Technology Corp., a ransomware "kit" is being illegally traded, which is causing the damage to spread. "There appear to be main figures who pay rewards to those who actually carry out ransomware attacks and sometimes invite victims to become an attacker," Tsuji said.
How can we escape ransomware?
To prevent infection, it is necessary to keep updating one's operating system, browser, security software and other tools at all times. Many recent software programs automatically update themselves.
Delete dubious emails, including anonymous ones, without opening them. Be wary of emails with the subject line written in English, and do not browse unfamiliar websites or click ads without reason.
These measures will significantly reduce the risk of infection, yet it is impossible to completely defend against ransomware.
If your computer is infected, you should consult your security software manufacturer. However, since it is difficult to decrypt affected files, encrypted data cannot be restored in many cases.
"Frequent data backup is important to prepare for infection," Tsuji said. Important data such as family photos should be stored not only on personal computers but also on optical disks such as DVDs. Non-rewritable media would be safer.
It is good to use USB and SD memory cards, but you should always detach them from a computer soon after storing data. Do the same when using an external hard disk drive, and never keep it connected to a computer.
When multiple computers are connected to the same network at home, the infection of one computer can spread to the others. If you notice an infected computer, immediately turn it off and disconnect it from the network.
Copyright: The Japan News/ Asia News Network
Comments