Last week, the Reporting and Analysis Centre for Information Assurance MELANI reported on the current spread of encryption Trojans, so-called «ransomware». How can private individuals protect themselves?
Ransomware is a certain family of malware. This usually spreads via malicious e-mail attachments or infected websites. Once installed, «ransomware» will encrypt files on its victims’ computers and on any connected network drives and storage media (for instance USB sticks). Victims are then unable to use these encrypted files again. Once files on a computer have been encrypted by this «ransomware», victims are shown a «blocking screen». This asks victims to pay a certain sum of money in the shape of an Internet currency (for instance Bitcoin) to the attacker, for them to release encrypted files so they can be used again (ransom). Due to the use of an Internet currency, it becomes more difficult to trace authorship of the attack. However, complying with the attackers’ demands and making a payment to them does not guarantee that victims will regain access to their encrypted files. In addition, such payments will finance the attackers’ business model and allow them to continue their “ransomware” attacks and infect and harm further victims.
Some simple, but effective protective measures
You can take the following four measures to protect yourself as a private individual:
- Regularly create a back-up copy of your data. You should store your back-up copy off-line, i.e. on an external medium, such as an external hard drive. You should also make sure to disconnect the medium used to hold your back-up copy from your computer once the back-up finishes. Otherwise, it is possible for data on the back-up medium to become encrypted and unusable in case of a «ransomware» infection, too.
- Always keep all software and plug-ins installed up-to-date. Ensure that all installed software, apps as well as web browser plug-ins (for instance Flashplayer, etc.) are always up to date. Whenever possible, use the automatic update feature of your software.
- Always be wary of suspicious e-mails, such that you receive unexpectedly or those originating from an unknown sender. Don’t follow any instructions in the text, don’t open any attachments and don’t follow any links.
- Install antivirus software and keep it continuously updated with the help of automatic updates. Otherwise there is a risk that newly developed malware is not recognized.