Cy­ber at­tacks prompt warn­ing from OPP

The Glengarry News - - Front Page -

With a rise in “ran­somware” com­puter at­tacks, the Stor­mont-Dun­das-Glen­garry On­tario Pro­vin­cial Po­lice de­tach­ment is warn­ing the pub­lic to be wary of hack­ers us­ing this lat­est scam.

There have been no re­ported in­ci­dents to date in SD&G but peo­ple should re­main vig­i­lant.

In re­cent months there have been sev­eral ran­somware virus at­tacks on busi­nesses and mu­nic­i­pal gov­ern­ment of­fices in On­tario. What is a ran­somware at­tack? A ran­somware at­tack oc­curs when a cy­ber crim­i­nal in­fects a vic­tim's com­puter sys­tems with mal­ware that en­crypts the data on those sys­tems mak­ing them in­ac­ces­si­ble and un­us­able with­out a de­cryp­tion key.

The cy­ber crim­i­nals will then de­mand some sort of ran­som, usu­ally in Bit­coin, in ex­change for the de­cryp­tion key. There are many types of ran­somware that are dis­trib­uted in var­i­ous ways. The most com­mon meth­ods of in­fec­tion be­gin with a phish­ing email or di­rect hack­ing of a vul­ner­a­ble com­puter sys­tem. Who is be­ing tar­geted? Ev­ery­one is a tar­get, but in­di­vid­u­als tend to be tar­geted by mass-mar­ket ran­somware cam­paigns, while busi­nesses and gov­ern­ment of­fices tend to be the vic­tims of more tar­geted at­tacks. Who do you call? Vic­tims of ran­somware at­tacks should con­tact the OPP.

In­for­ma­tion pro­vided to your lo­cal po­lice ser­vice can then be pro­vided to the OPP Cy­ber­crime In­ves­ti­ga­tions Team to as­sist in iden­ti­fy­ing the par­tic­u­lar fam­ily and ver­sions of ran­somware im­pact­ing On­tario.

This in­for­ma­tion should in­clude: a screen­shot/pho­to­graph of the ran­somware de­mand, a screen­shot/pho­to­graph of the en­crypted files in­clud­ing full file name and ex­ten­sion, any con­tact email ad­dress pro­vided by the at­tack­ers and any bit­coin wal­let ad­dresses pro­vided by the at­tack­ers.

What should be done to pre­vent a ran­somware at­tack?

IT tech­ni­cians of pri­vate and pub­lic en­ti­ties should con­stantly as­sess and in­vest in the se­cu­rity of their com­puter sys­tems. An in­te­gral part of preven­tion is to en­sure proper off­line back­ups of com­puter sys­tem data, strong pass­word poli­cies, and cy­ber se­cu­rity ed­u­ca­tion and aware­ness for their em­ploy­ees.

In­di­vid­u­als or busi­nesses re­ceiv­ing a se­cu­rity or fi­nan­cial threat must de­ter­mine for them­selves whether a ran­som should be paid.

The OPP does not sup­port pay­ing ran­somware at­tack­ers, as it only en­cour­ages fur­ther crim­i­nal ac­tiv­ity, and there is no guar­an­tee that pay­ment will re­store the en­crypted data.

That be­ing said, com­pa­nies and in­di­vid­ual vic­tims should ad­dress threats based upon the na­ture and sever­ity of the threat and only af­ter care­fully con­sid­er­ing the best in­ter­ests of the in­di­vid­ual or company's em­ploy­ees, stake­hold­ers and share­hold­ers.

Newspapers in English

Newspapers from Canada

© PressReader. All rights reserved.