You have probably heard of it: ransomware. In plain English: hostage software. Currently, ransomware is one of the biggest Internet threats. And no, not only for companies like the MediaMarkt, or other institutions. You too can become a victim of this.
What is ransomware?
Ransomware is a type of malicious software designed to invade your device. It then encrypts the files on it (cryptoware) or otherwise makes them inaccessible. In doing so, hackers almost always take into account the type of device and the operating system running on your computer. Only after you pay a ransom - the 'ransom' - can you get a code to access your files. Payment of the ransom is almost always in the form of Bitcoins. This makes locating and prosecuting the perpetrators almost impossible.
The VU has a policy that it will not pay ransom to cybercriminals. You must decide for yourself whether, if you are ever affected by an attack, you want to do so. Do know that by paying you are actually helping to popularize this form of cybercrime. Apart from that, it regularly happens that despite a payment, the victim does not receive a code.
How do you get ransomware?
Usually a device is infected via a malicious email with a link that is clicked on. Of course, everyone knows that you should not just click on links in an email message. But cybercriminals try to trick you into doing so anyway. For example, with a promise of a prize won: click here to collect your prize! Or you may receive a message about a traffic fine, a debt collection order, or a failed delivery attempt of a mail package. Details are supposedly found in the attachment. A somewhat less common variation is that your favorite website displays an interactive ad from a third party, which in reality has been hacked. All you have to do is click on it...
What happens after you click on the link is anyone's guess. A malicious piece of software is downloaded to your device or executed from the file attachment you opened and your device becomes infected.
What can you do about ransomware?
The chances of losing important files are extremely high with ransomware. Therefore, it is of the utmost importance that you prevent infection. Admittedly, with (Apple's) macOS and Linux you run less risk, but these systems can also be hit.
- The simplest thing: keep all software up-to-date, such as operating system, internet browser, browser add-ons and handy programs, such as Adobe Reader. Vendors regularly improve their products and fix weaknesses found in their software.
- You are not there yet: install an antivirus program. Not only on your Windows laptop but also on your Android smartphone and/or your Apple device. Through Surfspot you can purchase one at a discounted rate,
- Always look carefully at the title of an email or who it comes from. If you don't bank with a particular bank, it's not likely that they will send you an email asking you to verify your account.... right?
- So don't just click on attachments and links in emails unless you're sure it's trusted. In doubt? Then take a look at the website of the Fraudehelpdesk. Here is an overview of the latest trouble known to them.
- Pay attention to the extension of a downloaded file. Ransomware is often disguised as a different kind of file, for example as a PDF document or ZIP file. It also happens that the fake extension actually masks an executable file. Enable 'show file extensions' so that you can see through such a disguise. You can have a suspicious file analyzed for free by an online tool such as VirusTotal. In doing so, you also contribute to informing the security community.
- Be careful not to turn on macros in third-party Office documents, especially if the document asks you to do so.
- Make regular backups. In the event of a ransomware infection, this is often the only recourse to reverse the loss of all your data. A tip: don't leave your backup device constantly connected to your laptop and only connect and disconnect it when you are actually making a backup. This will prevent your backup from becoming encrypted as well.
- For bulk storage, preferably use a cloud solution that has version control.
- Increasingly, services are offering free multi-factor authentication as an additional protection.
Traditional methods require an extra piece of hardware (for example, a USB device (Yubikey) or a scanner), which issues a code. That code must be entered on the login page. There are also credit card-sized cards that must be inserted into a reader. A modern application is that of the software-based 'authenticator'. Such as those of Apple, Microsoft and Google that you can install on your smartphone and which generate a code that you must enter on a login page. The VU also uses this methodLinks to an external site. for a number of applications.
- Join in the fight against ransomware and other junk by reporting fake emails to the Fraud Help Desk.
I am a victim of ransomware. What now?
- Call in the police, always file a report.
- Get out and immediately check all your devices with an anti-malware tool. Sometimes renowned antivirus software providers such as Avast, HitmanPro, Kaspersky, Norton and McaFee provide a free program that could make your files accessible again.
- If you use a smart network or cloud storage, you can probably use version control to recover files. In that case, though, avoid re-infection and make sure the infected device has already been cleaned by an anti-malware tool. Better yet, have all your devices scanned.
- If you still can't get your important files back, it will probably cost you money. If you have really lost important files, consider getting professional help.