Ransomware scammers targeting universities and businesses

Ransomware scammers targeting universities and businesses – but data can be unlocked

MEDIA RELEASE – Wednesday, April 27, 2016

Ransomware cybercriminals have cranked up their activities a big notch and are specifically targeting New Zealand universities and businesses.

Otago University recently put an alert on its website warning of a significant increase in attacks aimed at the university. Auckland University also now warns about the increasingly common crypto-ransomware attacks on its website too.

And last year saw multiple Kiwi businesses and individuals targeted – 114 Kiwis were targeted in one day in just one ransomware attack. One business paid out $11,000 to have its data unlocked and another paid $9,000.

But cyber-security expert Brian Eardley-Wilmot, MD of Auckland’s Computer Forensics, says “people shouldn’t panic”.

“This is the aim – to scare the living daylights out of you. But we have successfully unencrypted many cases of ransomware software. We can’t guarantee we can always do it, but if we can’t there is no charge. We’re also getting experienced dealing with infected iPhones and iPads.”

Mobile devices – including Apple iPhones and iPads – are also now being increasingly targeted. One recent nasty attack saw a message allegedly from the police appear on mobiles saying the victim had been found to have child porn and if $200 (ransom) wasn’t paid the message would be sent to everyone in the person’s address book.

Eardley-Wilmot said ransomware cyber-criminals were now taking a more business-like approach to targeting organisations and businesses. “They’ve moved beyond random attacks on individuals and are now targeting bigger fish. Some are even pricing their demands in line with how big an organisation is and its market value.”

The targeting of New Zealand universities and businesses mirrors recent ransomware attacks in the US that have seen hospitals, schools and even the police targeted.

Ransomware is a virus, but what makes it particularly nasty is that it locks up (encrypts) the victim’s data. The cybercriminals then demand a ransom of anything from a few hundred to thousands of dollars before unlocking your data – but with no guarantee they will do so.

Eardley-Wilmot says Computer Forensics – which has 16 years’ experience of computer security and fraud – can usually help organisations unlock malware-encrypted data. “But organisations can do a lot to protect themselves too.”

He offered this advice:

Five tips on how to beat ransomware scammers

· Back up fully and often – and to devices and places not connected to your computer or network. This means having removal storage, such as a second hard drive that can be disconnected, or a CDR, DVD or Blu-ray disc, or even a modest USB flash drive. Back up remotely to the cloud too. If your data is backed up, you need not fear it being locked up by scammers unless you synchronise an infected machine to your cloud account.

· Update your software regularly to ensure all those vulnerable holes that scammers exploit to get into systems are patched and closed off.

· Educate your staff (and yourself) to guard against any emails that look the least bit odd, or come from an unknown source. Don’t open them and certainly don’t click on any links or open any attachments unless you positively know that the email is genuine – this is how scammers wriggle in. Make that call to find out if the sender is legitimate. If you click on emails regardless of the source you will get infected.

· Act fast and shut down if you become infected. Do so immediately, so as to limit the spread of the virus’ infection.

Eardley-Wilmot also advised people not to try and fix a tainted PC themselves. “Call in the experts. There is a danger the virus may copy from machine to machine if you play around with it.”

ends

© Scoop Media