Imagine you’re working away at your PC when suddenly a message pops up. Using menacing language, it claims that hackers have taken control of your computer and are currently holding all of your files – photographs, personal documents, financial information, everything – hostage. You can access nothing. The message may even threaten to make your information publicly available. To have your data safely returned, you must pay several hundred dollars to a specified account.
Just as thieves kidnap people and then demand payment for their safe return, ransomware is an extortion scheme in which hackers take control of the victim's computer files and then demand a sum of money for the restoration of the data.
According to a July 2006 report by IT security experts Kaspersky Labs, “holding user data hostage is one of the most dangerous and rapidly evolving types of cyber crime.” And Secure Science Corp. estimates that in the past eight months, 152,000 victims have been infected with ransomware.
But how is it possible for someone to remotely hijack your PC?
Here’s how it works: malicious code is used to seize control of the victim's computer and its files, and the files are then encrypted by this code – thereby rendering them unreadable and unusable. There are several variations on this basic premise.
One crime, many faces
One example is Ransom.A, a Trojan horse that claims it will destroy one computer file every 30 minutes until the victim pays $10.99. To help “encourage” victims to pay the ransom, the Trojan displays a number of pornographic images. However, Ransom.A doesn’t actually delete anything – it’s simply a hoax designed to coerce panicked PC users into paying up.
Another Trojan horse, Trojan.Archiveus, locks computer files with a password. In this case, the scammers don’t demand money in return for the password; instead, they ask the victim to purchase a specific amount of pharmaceuticals from a Russian online pharmacy. Stealthy? Not quite: the virus author made the mistake of placing the password in the code. Sophos Labs cracked the code and published the password on their website.
Still another ransomware-related scheme is for a hacker to break into a company computer system to prove he can do it, and then demand payment for not attacking the system. Online gaming and betting sites, in particular, have been targets for extortion, and it’s been reported that some have paid thousands of dollars to avoid the attacks.
As always: prevention is the best cure
The good news is you don't need special ransomware products to protect yourself or your company. You may already be employing all the measures you need to stay safe: basic IT security procedures like using firewalls, having up-to-date anti-virus and anti-spyware software, keeping your browser and system software up to date with the latest patches, and not opening or downloading unknown files, software or attachments.
If you or your business receive a threat of data encryption or destruction, remember that most hackers have no way of truly hijacking or encrypting your files, and are simply trying to extort money from you.
However, if a Trojan horse has already encrypted your files, you may have a more serious problem. Never pay the ransom, as you have no way of knowing if the hacker will actually restore your data. The most critical defensive tactic you can employ is one you’ve likely heard dozens of times: regularly back up your data. Store secure backups of critical files somewhere that isn’t exposed to the Internet. If you’ve not taken this defensive step, you’ll need to contact a security specialist who may be able to help you recover your encrypted data.