It can start with an innocuous-looking email from your bank but ends up with you being locked out of your own computer. This happened to Sarah Flanders*, a 35-year-old charity worker from north London, who didn’t think twice about opening an email from paymentsadmin@lloydsplc.co.uk. Unfortunately the email contained malicious software that immediately began encrypting every file on her computer – from precious family photos to private correspondence and work documents. In just a short time all her files were blocked, and then a frightening message flashed up on her screen: “Your personal files have been encrypted and you have 95 hours to pay us $300.”
Flanders is refusing to pay, but fears her personal files are now lost forever. She is one of the latest victims of a particularly malicious piece of “ransomware” called CryptoLocker, which is estimated to have targeted nearly 1m computers over the past month alone. This so-called ‘ransomware’ is not new, but in recent weeks internet security firms have reported a surge in computers affected. Some suggest the malware is “on the rampage”, with commercial organisations targeted as often as individuals. One version is cleverly hidden in an email complaint from a supposedly unhappy customer.
While you will no longer be able to open, read or view your files, anyone with the decryption key could easily do so. That means any of your documents containing passwords or personal information, along with your photos and videos, could potentially be accessed by cyber-criminals.
Flanders says she feels violated. “I am worried the criminals could steal my identity. I had anti-virus software on there, but the laptop is 18 months old and it wasn’t up-to-date,” she says, adding that she is now contemplating buying an external hard-drive. “I wouldn’t consider paying the ransom on principle. The money would go to criminals who have done this to me and will carry on doing it to others.”
CryptoLocker is technically not a virus, but a piece of software which can sneak into your machine via an email attachment or a “drive-by download”, which you would not even be aware is taking place. If you don’t have the latest security updates and anti-virus protection on your computer, all you would need to do is to visit a compromised website or click on a seemingly legitimate online advertisement. Although most up-to-date anti-virus software can remove CryptoLocker, it cannot remove its effects or recover your files.
According to Symantec, around 3% of people hand over money in the hope of getting their data back. “But remember, you’re dealing with criminals,” Rubin says. “There is no guarantee they’ll send you the key, and if they know you’re susceptible to blackmail what is to stop them from doing it again?”
As with most security threats, prevention is significantly better than cure:
- Stay patched. Keep your operating system and software up to date.
- Make sure your anti-virus is active and up to date.
- Avoid opening attachments you weren’t expecting, or from people you don’t know well.
- Make regular backups, and store them somewhere safe, preferably offline.
See the original article here: CryptoLocker attacks that hold your computer to ransom
and more tips on prevention here: 10 ways to beat CryptoLocker
* not her real name.