Augustenstr. 49, 80333 München
089 / 215 4774 30

1. How to avoid ransomware

Slide1

1. Ransomware

From IT Safety column in Doitsu NewsDigest (translated to English)

One morning, when Ms. Tanaka, the secretary of a international trading company opened her computer, all the files had strange names (random letters) and could not be openend anymore. Her lovely desktop background picture was gone and replaced by a huge red text on black ground saying: “All your important files are encrypted. You have 48 hours to pay 0,5 Bitcoin.”

ランサムウェア

Ransomware is a kind of malware, that encrypts data on the victims computer and asks for a ransom payment. In most cases the victim receives an e-mail with an attachment that contains the malicious software. Often the e-mail address is fake and the mail looks like an invoice or like scanned documents. When the victim opens the attachment, which if often a  ZIP or DOC file, the ransomware encrypts the user’s files so he cannot read them anymore.

Later, instructions are displayed on how to transfer the money with Bitcoin.  The attacker claims that he would send a decryption key, which would allow the victim to recover the data. However, you can not be sure if this would be really the case.

The first cases occured in Russia in 2013, but now ransomware is rapidly spreading also in Japan and Germany, especially Windows-PCs are an easy target. Fujitsu estimantes about 90.000 infections per day [1].  Every day, attackers make about  $ 500.000 USD  (about 50.000.000  JPY)  per day.  Paying a ransom motivates them to make even more sophisticated ransom ware. Therefore the “German Bundesamt für Sicherheit in der Informationstechnik” (BSI) recommends not to pay a ransom, but rather invest in a good backup system. If a computer gets infected, the hard drive can be formatted and data easily restored from the backup. Other security measures that prevent malicious E-Mails entering the computer in the first place will be discussed here later.

Security tips to prevent your computer from being infected by ransom ware:

1) Make a daily backup of your computer

2) Never open strange-looking e-mail attachments.

3) If you are not sure if the sender address of fake or not, make a phone call and ask if he or she really sent this e-mail.

[1] http://www.forbes.com/sites/thomasbrewster/2016/02/18/ransomware-hollywood-payment-locky-menace/

Link to original article in Japanese:
http://www.newsdigest.de/newsde/column/information-security/8447-ransomware.html

March 17, 2017

Leave a reply