Placeholder Content Image

What is ransomware and how is it dealt with?

<div> <div class="copy"> <h3>What is ransomware?</h3> <p>Ransomware is a type of malicious software – AKA malware – that infects and takes control of a device. It blocks access to files or even whole devices, and then sends a message demanding a ransom to grant access to those files.</p> <p>This is a common form of cybercrime that has recently affected <a rel="noreferrer noopener" href="https://www.afr.com/policy/health-and-education/unisa-cyber-attack-hits-staff-email-20210519-p57td5" target="_blank">universities</a>, <a rel="noreferrer noopener" href="https://www.stuff.co.nz/national/health/125294482/cyber-attack-waikato-dhb-counting-ransomware-cost-but-it-remains-to-be-tallied" target="_blank">hospitals</a> and <a rel="noreferrer noopener" href="https://www.abc.net.au/news/2021-06-02/fbi-investigating-jbs-meatworks-ransomwear-cyber-attack/100183376" target="_blank">meatworks</a>. Because it blocks vital data from being accessed, it can <a rel="noreferrer noopener" href="https://www.zdnet.com/article/ransomware-an-executive-guide-to-one-of-the-biggest-menaces-on-the-web/" target="_blank">massively disrupt</a> organisations that use the shared networks and/or the internet – which is, well, everyone at this point.</p> <h3>How does ransomware work?</h3> <p>Malware is infectious software that will download onto a computer, phone or other device. It can be shared though phishing emails, links in messages or other online locations, or fake download buttons. Sometimes it can be difficult to tell whether a link or button is malicious in the first place.</p> <p>When the fake link is clicked, the malware automatically downloads and then hunts through the system or network to identify important data. The software can lock the device or files with a new password, or encrypt files with a secret key, preventing access.</p> <p>This can be exacerbated because malware can be accompanied by social-engineering tools that trick you into granting admin access, or it can exploit security holes to dive into the important files and software on the computer without even needing to get ‘permission’.</p> <p>There are <a rel="noreferrer noopener" href="https://resources.infosecinstitute.com/topic/a-brief-summary-of-encryption-method-used-in-widespread-ransomware/#gref" target="_blank">many ways of encrypting files</a>, but the point is to prevent user access with computer algorithms. Without an up-to-date backup, this data is essentially lost.</p> <p>The user will then often see a ransom note in the form of a message demanding (usually) money to lift the password or encryption.</p> <p>Of course, paying the ransom doesn’t mean the cyber-criminal will actually lift the encryption, and if you have paid up once, there is incentive for the criminal to do it again.</p> <p><iframe title="vimeo-player" src="https://player.vimeo.com/video/497805836" allowfullscreen="" width="640" height="360" frameborder="0"></iframe></p> <p class="caption"><em>Credit: cyber.gov.au</em></p> <p>The real kicker here is that the infectious software can gain access to a whole network of connected devices, even if it has been downloaded on just one computer – which means businesses that have shared data can be completely prevented for accessing anything<em>, </em>including saved files, emails and user profiles.</p> <p>There is no simple explanation of how the programming works – it is complex software engineering that can be continuously updated, and there are <a rel="noreferrer noopener" href="https://www.unitrends.com/solutions/ransomware-education" target="_blank">different examples</a> that can be spread and downloaded in ways the suit the attacker.</p> <h3>What does ransomware look like?</h3> <p>Because malware can pop up in almost anywhere, it is often hard to identify.</p> <p>A lot of ransomware is designed to look like something real, such as a casual email attachment, something shared via social media, or a website that looks <em>almost </em>like a real website you wanted to visit, but has a few different letters in the URL.</p> <p>in one sneaky approach, the attacker can even pretend to be somebody from law enforcement who is “stopping another cybercrime” that they accuse you of, and then demand a fine from you – but there are easier ways to get access to a device.</p> <p>The main thing to remember is that a lot of phishing can be prevented by not clicking suspicious links. Just a little life hack on how not to get hacked.</p> <p><iframe src="https://giphy.com/embed/MM0Jrc8BHKx3y" width="480" height="270" frameborder="0" class="giphy-embed" allowfullscreen=""></iframe></p> <p><a rel="noopener" href="https://giphy.com/gifs/hacker-MM0Jrc8BHKx3y" target="_blank">via GIPHY</a></p> <h3>Who is committing ransomware cybercrimes?</h3> <p>More seriously, this in an increasingly big business – between ransoms paid, loss of data and downtime, costs of recovery, and other security and investigations, ransomware attacks cost the world <a rel="noreferrer noopener" href="https://cybersecurityventures.com/ransomware-damage-report-2017-part-2/" target="_blank">$5 billion in 2017</a>.</p> <p>Cybercriminals are often individuals or work in teams or networks, but there are also <a rel="noreferrer noopener" href="https://cosmosmagazine.com/people/society/cybercrime-can-be-a-tough-game/" target="_blank">crimeware-as-a-service</a> groups that essentially operate as a business.</p> <h3>What cybersecurity measures need to be in place?</h3> <p>Technology develops so quickly that defenders and attackers can get stuck in an arms race, so cybersecurity and trained professionals are <a rel="noreferrer noopener" href="https://cosmosmagazine.com/technology/ai/cosmos-briefing-intelligent-manufacturing/" target="_blank">absolutely essential</a> to an online world, especially as we begin to incorporate more AI and machine learning into our manufacturing. Once ransomware is in a network, it’s extremely hard to remove.</p> <div class="twitter-tweet twitter-tweet-rendered" style="display: flex; max-width: 550px; width: 100%; margin-top: 10px; margin-bottom: 10px;"><iframe id="twitter-widget-0" scrolling="no" frameborder="0" allowtransparency="true" allowfullscreen="true" class="" style="position: static; visibility: visible; width: 551px; height: 389px; display: block; flex-grow: 1;" title="Twitter Tweet" src="https://platform.twitter.com/embed/Tweet.html?creatorScreenName=CosmosMagazine&amp;dnt=false&amp;embedId=twitter-widget-0&amp;features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&amp;frame=false&amp;hideCard=false&amp;hideThread=false&amp;id=1399844326855880704&amp;lang=en&amp;origin=https%3A%2F%2Fcosmosmagazine.com%2Ftechnology%2Fwhat-is-ransomware-and-how-is-it-dealt-with%2F&amp;sessionId=1edacffebc49fba152bed8435892b99ad3545164&amp;siteScreenName=CosmosMagazine&amp;theme=light&amp;widgetsVersion=fcb1942%3A1632982954711&amp;width=550px" data-tweet-id="1399844326855880704"></iframe></div> <p>First and foremost, <strong>keep backups</strong>. If all your files get encrypted but you have another offline backup, it’s simple to restore your data.</p> <p><strong>Always keep your malware security up to date</strong>. Attackers obviously try to get around this security, but it is a whole lot better than having none at all. Many companies test their systems with <a rel="noreferrer noopener" href="https://us.norton.com/internetsecurity-emerging-threats-what-is-the-difference-between-black-white-and-grey-hat-hackers.html" target="_blank">white hat hackers</a>, who attempt to hack their systems to recognise – and fix – the security flaws.</p> <p>Teaching people to recognise <a rel="noreferrer noopener" href="https://www.consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams" target="_blank">phishing emails</a> and be cautious about suspicious sites and links is also necessary, but it can only go so far, because phishing material is constantly being ‘improved’ to blend in better. Don’t click on links or open attachments if you don’t know the sender of the email. A lot of these emails suggest you need to make a payment, have breached some sort of contract, or pretend to have blocked access to an account.</p> <p>Because ransomware secretly searches your device, there can be a delay between when a link is clicked and when files are encrypted. There is a rise in predictive analytics and machine learning to help detect this suspicious behaviour and shut it down early.</p> <p>And finally, if you do get attacked, <a rel="noreferrer noopener" href="https://www.cyber.gov.au/ransomware#:~:text=Ransomware%20is%20a%20type%20of,to%20get%20back%20your%20access." target="_blank">don’t pay up</a>, because it’s likely to make you seem like an easy target in the future.</p> <h2><strong>Q&amp;A with a cybersecurity expert</strong></h2> <p>We asked Diep Ngyuen, Senior Lecturer in the Faculty of Engineering and Information Technology at UTS, for a little more depth. This is what they said</p> <h3>How can a cyber-attack effect a whole network?</h3> <p>Cyber attacks target either to bring down networks/systems (make them malfunction) or to compromise the information access authority or integrity.</p> <p>Although the former is often closer and easier to understand to most people, the latter is more popular and the major target of most daily life cyber attacks.</p> <p>For example, DoS (Denial-of-Service) attacks can make a network or service inaccessible for some time, disrupting corporates’ functioning or business. These types of attacks can be easily detected.</p> <p>However, cybercrimes often target high-value information and attempt to illegally access it or even alter the information.</p> <p>The information authority or integrity attacks are more difficult to be detected but their consequences can be very damaging, even much worse than the DoS attacks.</p> <h3>What are some common cybersecurity precautions?</h3> <p>To prevent or reduce risks from cyber attacks, IT core engineers/experts and daily users can take different approaches. However, these approaches all aim to early detect cyber threats, then effectively protect or cure the systems when the attacks really happen.</p> <p>One of the most common precautions [is] to avoid using services/websites, apps, hardware from non-certified or low-reputation sources/providers. These systems often have back doors or vulnerable loopholes that can be leveraged by cybercrimes.</p> <p>The second precaution would be to update and follow security recommendations from governments and experts, e.g., using multi-factor authentication methods, not to share or be cautious on sharing personal/private information like Date of Birth, photos, [etc] on open platforms (even social media).</p> <p>The last, but not least, is to become more aware of cyber threats/risks before deciding to take any action (e.g., do you understand the risk of using Apple pay or using activity trackers?).</p> <h3>How has cyber security changed over the last decade?</h3> <p>Cyber security landscape has been changing dramatically over the last 10 years. This is because of the penetration of IT to every corner of our daily life, from working, entertaining, to sleeping.</p> <p>This is also because of the ever-growing advances in attacks and their countermeasures. In comparison with 10 years ago, the number of connecting devices today has been increased by multiple times.On average, each person now would have more than a few connecting devices (e.g., phones, activity trackers, laptops, sensors at home).</p> <p>These devices, [while they] bring us lots of conveniences, are making us more vulnerable to cyber threats when they are attacked or compromised. More importantly, most of these newly added devices (e.g., in Internet of Things) are limited in computing and storage capability or referred to as low-end devices in cyber security. They are more susceptible to cyber threats. </p> <p>The advances in machine learning and AI also empower cybercrimes, allowing them to launch larger scale and more damaging attacks.</p> <em>Image credit: Shutterstock                         <!-- Start of tracking content syndication. Please do not remove this section as it allows us to keep track of republished articles --> <img id="cosmos-post-tracker" style="opacity: 0; height: 1px!important; width: 1px!important; border: 0!important; position: absolute!important; z-index: -1!important;" src="https://syndication.cosmosmagazine.com/?id=154123&amp;title=What+is+ransomware+and+how+is+it+dealt+with%3F" alt="" width="1" height="1" /> <!-- End of tracking content syndication -->          </em></div> <div id="contributors"> <p><em>This article was originally published on <a rel="noopener" href="https://cosmosmagazine.com/technology/what-is-ransomware-and-how-is-it-dealt-with/" target="_blank">cosmosmagazine.com</a> and was written by Deborah Devis. </em></p> </div> </div>

Technology

Placeholder Content Image

What Windows users must do to protect themselves from ransomware

<p><em><strong>Lisa Du is director of <span style="text-decoration: underline;"><a href="https://readytechgo.com.au/" target="_blank">ReadyTechGo</a></span>, a service that helps people gain the confidence and skills to embrace modern technology. </strong></em></p> <p>Windows 10 has some great hidden features! By now, you've probably heard of Ransomware – a very nasty malicious software which infects PCs and encrypts (locks up) your files. Basically holding it at ransom until you pay a ransom. <br /> <br /> To defend yourself against Ransomware, you need to:</p> <ul> <li>Backup your files regularly on a separate system such as a portable/external hard drive</li> <li>Make sure this hard drive is not connected to the internet! </li> <li>You also need to ensure you have strong security and antivirus software installed on your computer</li> <li>Always install updates as companies release software updates for your device in order to fix vulnerabilities that can be exploited to install ransomware. </li> </ul> <p>Today, let's look at a Windows 10 feature you can switch on to protect yourself against this malicious software!</p> <p><strong>Controlled folder access</strong></p> <p>This feature will “protect valuable data from malicious apps and threats, such as ransomware.”</p> <p>As explained by Microsoft, “Controlled folder access monitors the changes that apps make to files in certain protected folders.</p> <p>“If an app attempts to make a change to these files, and the app is blacklisted by the feature, you’ll get a notification about the attempt.</p> <p>“You can complement the protected folders with additional locations, and add the apps that you want to allow access to those folders.”</p> <p><strong>How to enable controlled folder access in Windows 10:</strong></p> <p style="text-align: center;"><img width="467" height="" src="https://gallery.mailchimp.com/e785dd9ba906ed79fad48bd7e/images/176468db-6a31-423a-9ffc-331b3f1a008f.png" class="mcnImage" style="max-width: 600px; line-height: 100%; outline: none; vertical-align: bottom; height: 290px;"/></p> <p>1. Open the Windows Defender Security Centre.</p> <p>2. Click on the Virus &amp; threat protection icon.</p> <p style="text-align: center;"> <img width="410" height="" src="https://gallery.mailchimp.com/e785dd9ba906ed79fad48bd7e/images/d8513731-88d1-44d2-8d46-e84aefbb8d0b.png" class="mcnImage" style="outline: none; text-align: center; max-width: 600px; line-height: 10px; vertical-align: bottom; height: 363px;"/></p> <p>3. On the next page, click the Virus &amp; threat protection settings link.</p> <p style="text-align: center;"><img width="415" height="" src="https://gallery.mailchimp.com/e785dd9ba906ed79fad48bd7e/images/1f338cbe-f5b0-4520-a65a-017a0f489332.png" class="mcnImage" style="max-width: 600px; line-height: 100%; outline: none; vertical-align: bottom; height: 368px;"/></p> <p>4. Enable the option Controlled folder access.</p> <p>Ensure you turn this feature on, and if, for any reason you are attacked, never pay the ransom! Paying the ransom fee encourages attackers and you may not get your files back anyway!</p> <p>If you have a backup of you files on an external hard drive, you can restore your device from your backup.</p> <p>If you have any questions, please get in touch with us!</p> <p>For those of you interested in learning how you can back up files to "Cloud". make sure you come along to our workshop next Wednesday! Only a few places left in this interactive, hands on workshop!</p> <p>Were you aware of this safety feature?</p>

Technology

Placeholder Content Image

How to protect your PC from ransomware

<p><em><strong>Lisa Du is director of </strong></em><strong><span style="text-decoration: underline;"><a href="https://readytechgo.com.au/" target="_blank">ReadyTechGo</a></span></strong><em><strong>, a service that helps people gain the confidence and skills to embrace modern technology. </strong></em></p> <p>By now you've probably heard that there’s been a recent spate of ransomware attack holding computer systems hostage worldwide, with increasing cases reported in Australia.</p> <p>Here are the three tips you need to know to avoid becoming a victim:</p> <p>If you are running older versions of Windows, you could be vulnerable:</p> <ul> <li>Windows 8</li> <li>Windows XP</li> <li>Windows Server 2003</li> </ul> <p>To make sure you are protected, please upgrade your computer to the latest version of Windows.  </p> <p><strong>Turn on Windows Update</strong></p> <p>We see many people disabling Microsoft's automatic updates because it can auto install at a time which is inconvenient to you.</p> <p>To turn on Windows update, head over to the Control Panel and switch your automatic updates back on.</p> <p><strong>Install a ransomware blocker</strong></p> <p>You may have antivirus protection on your computer, and it won’t hurt to install a dedicated Ransomware Blocker. Try <span style="text-decoration: underline;"><strong><a href="http://download.cnet.com/Malwarebytes-Anti-Ransomware/3000-2239_4-77531704.html" target="_blank">Malwarebytes Anti-Ransomware</a></strong></span> (in beta) or <span style="text-decoration: underline;"><strong><a href="http://download.cnet.com/RansomFree/3000-2239_4-77455697.html" target="_blank">Cybereason Ransomfree</a></strong></span>.</p> <p><strong>Back it up</strong></p> <p>Back up your computer! Either to an external hard drive or to cloud storage.</p> <p>If anything happens, you won't lose your precious information!</p> <p>Remember, if you receive an email from a scammer, it can look pretty legitimate.  Always look for signs of a scam before you click or open attachments!</p> <p>Have you ever fallen victim to an online scam?</p>

Technology

Our Partners