Retro Blockbuster Plot: Sometime in the 1980s – a filthy rich industrialist – his beautiful daughter – a constant target for kidnappers – always accompanied by bodyguards – one fateful day – kidnapping succeeds – hefty ransom asked – her big strong bloke comes to rescue – happy ending!
Nah!! Kidnappers today have become very tech-savvy and, if I might say, lazy too. They have found far easier ways to lay (virtual) hands on, not just rich industrialists, but simply any poor gullible person. These cybercriminals hijack a victim’s device and encrypt valuable information in lieu of a ransom.
What is ransomware?
Ransomware is a type of malicious software that locks your data, making it inaccessible, until a ransom is paid. This is done by getting access to your device, say a mobile phone, a laptop, or a PC, which is connected to a network, and then garbling its files. The files can be recovered by following instructions to pay a ransom in the form of digital currency. The masterminds lock the device’s screen and leave a cold message informing of the attack, the payment details, and some untraceable contact number or email ID. We will see later in this article what options and rights a victim has, to come out of this situation. Caution: there is no guarantee that the hackers will act even after paying the ransom!
Can I be targeted?
Sadly, yes. Anyone and everyone is prone. As much as you may want to believe that cybercriminals only target big players, often they’ll take a shot on anyone. Individuals and businesses are at equal risks.
Why?
The motive behind ransomware is solely “money”. Rarely is it revenge, and that is the reason why anyone is susceptible. Alternatively, a targeted attack means that you possess valuable data, which makes you an asset for the attackers.
How?
Ransomware is spread through malicious or deceptive emails, free or pirated software, malicious websites, infected external drives, or some backdoor entry through unsecured ports on your device. Accessing any of these carelessly will expose you to the threat.
The Australian Cyber Security Centre (ACSC) continues to maintain that ransomware remains one of the greatest cybersecurity threats in Australia and has issued a latest threat advisory.
What if I become a victim of ransomware?
As with any problem you face, first and foremost is to not panic. Breathe. Calm down. Breathe again. Let us lock at the Do’s and Don’ts to help reduce the damage as quickly as possible.
Do’s
· Isolate the infected device from the network to stop its spread to other devices
· Run your antivirus software on the device, if possible
· If you have disclosed your credit card or bank details, contact your financial institution immediately
Don’ts
· Do not contact the address or number provided by the attacker
· Do not click on any links provided by the attacker
· Do not restart your device
· Do not attempt to pay the ransom
What are my recovery options?
If you are in a habit of frequently backing up your data, then you may simply use your backup to restore the infected files and forget about the issue. It is still a good idea to follow the Do’s mentioned above.
Alternatively, the Australian government encourages you to visit No More Ransom to help retrieve your data. No More ransom also aims to educate users on ransomware and its prevention. It is supported by Australian Federal Police and other law enforcement and IT security companies worldwide.
What are my rights?
Australian Federal Police urge you to report the crime in the first instance to the Australian Cyber Security Centre.
How can I stay safe in future?
Staying vigilant and always suspicious will help you prevent most of the attacks.
Always be aware of suspicious emails
Check the sender’s email ID. If it is not familiar, avoid clicking on any attachments or links
If it is from a known source, yet something about it doesn’t feel quite right, do not click or open links and attachments
Have updated anti-virus software on all your devices
Beware of free installable software and freebies from the internet
Watch what websites you access, and read every single message popping up from the website before clicking on it
Verify links before clicking
Hover the mouse on the link text and the redirection address will show up on the left-bottom corner of your browser window. Note if this looks like a genuine address
For any important looking link (like bank, Medicare, ATO, etc.) coming from an unreliable source (through random email address, messages, or advertisements), visit the original website and verify first
Download from trusted websites only
Backup your data frequently, to reduce the impact of a ransomware attack
Lastly, keep yourself updated and aware through the right channels like Stay Smart Online
Further reads
· https://www.cyber.gov.au/news/ransomware-continues
· https://www.staysmartonline.gov.au/protect-yourself/recover-when-things-go-wrong/ransomware
