TECHNOLOGY
Survival guides from yesteryear were great when lost in the woods or trying to send smoke signals from a desert island – but they’re not much use when your Facebook account has been hacked or your PC has been infected with ransomware. Mike Peake suggests
How to arm yourself against cyber attack.
You’ve been hit with a ransomware demand. Ransomware attacks are on the rise, and they can happen to anyone. If you’re not familiar with the concept, here’s a quick explainer: a PC user who has inadvertently installed malware on his/her computer, suddenly sees a message onscreen that says their data has been locked and that a fee (ransom) needs to be paid if they want to get it back.
UAE-based Haider Pasha, Norton cybersecurity expert at Symantec, says recent research from the Norton Cyber Security Insights report (NCSIR) found that one in 10 UAE residents had already been affected by ransomware. ‘This number could potentially be higher as not everyone likes to admit that they have had their machine compromised,’ he says.
Haider explains that there are a couple of different scenarios in which the ransomware demand may appear on the user’s screen. ‘Generally, a pop-up message will appear on the screen indicating that your files are locked and you will need to pay a certain amount to retrieve the key to unlock your files,’ he says. In some instances, hackers can threaten to increase the ransom should you not pay by a certain deadline.
As well as this, there are a browser-style ransomware demands that can freeze your computer and stop you from using it – but without encrypting your files. Haider says that browser-style ransomware is generally easier to recover from.
But what exactly are cybercriminals demanding? It’s all about money, unsurprisingly, payable by Bitcoin. Of those who paid, 51 per cent did not get their files back. Paying up was money down the drain, and during the first six months of 2017, the average ransom demand was for a sum of $544.
‘Norton/Symantec strongly advise against paying,’ says Haider. ‘As statistics suggest, there is no guarantee you will receive the key to unlock your files, and even if you do, it would simply identify you as a potentially repetitive target for future attacks.’
Haider points out that Bitcoin is commonly used by cybercriminals due to its ability to shield trading parties from law enforcement. ‘Paying the ransom continues to perpetuate the threat and, most importantly, there is no guarantee that you will actually get the encryption key to get your files back,’ he says.
Free keys are sometimes available, however: depending on the age of the attack, some security organisations publish decrypted keys for victims. ‘Users should be careful they can trust the sources before downloading those keys,’ Haider cautions.
The best solution, insists the expert, is to begin practising good cyber hygiene from today. This means regular back-ups to protect your most important files and keeping your software – including your browser and security software – up to date with all updates and patches. ‘While your machine is likely to be repairable after an attack,’ Haider says, ‘this does not mean that you will get access back to your files as they have now been encrypted, and only the cybercriminal has the encryption key.’
If you have paid up and your data has been returned to you, Haider recommends that you run a scan on the machine to ensure the infection has been removed – and vow to sign up for more robust security going forward.