On a typical day in November last year, tech expert Flavio Faccin sat down at his desk to read emails.
A strange invoice from a marketing firm caught his eye, prompting him to open the attachment.
Up popped this message.
Two minutes later, he received another email demanding payment of $1400 or else all of his computer’s files would be locked forever.
“I truly was stunned,” says Mr Faccin, “as I never thought I would be the one to fall into such a trap.”
“I was sure that our firewall and anti malware would have picked it up, but it didn’t,” he says. “We got quite panicky.”
The trap into which Mr Faccin had fallen is called ‘ransomware’, a type of attack that forces the victim to pay exorbitant sums of money in order to regain access to their hacked files. Luckily, he knew enough about computers to be able to defeat the attack by overwriting the infected data with a back-up.
These tech-savvy ransom attacks have always been part of the hacker’s arsenal, but the problem has spiked in the past 18 months, says Threat Intelligence founder Ty Miller.
One type of ransomware, known as ‘CryptoLocker’, has extorted approximately $3 million via 500,000 infected machines worldwide, says Mr Miller, a well-known security specialist.
“Organisations with a large number of users who have a reliance on ineffective traditional security controls, such as anti-virus and intrusion prevention signatures, are at the most risk,” he says.
A mutating threat
These attacks are becoming nimbler, more sophisticated and more dangerous, Cisco security general manager Anthony Stitt says. New strains aim to steal private data as well, rather than just extorting money, making the method “even more serious”, he says.
“New forms of attacks continually pop up almost every day, which is making it harder for defenders to protect against these growing attacks,” Mr Stitt says.
Where once the problem was restricted to personal computers, the viruses have now spread to smartphones as well, says Fortinet ANZ director of engineering Gary Gardiner.
“There has been a raft of ransomware making its way on to phones and tablets,” Mr Gardiner says.
“So yes the problem is growing as the number of platforms that can be attacked is increasing.”
In recent months, many Australians have been targeted by official-looking emails purportedly from trusted companies like Australia Post or the NSW Government.
How to prevent ransomware
Secure Thoughts trend analyst Leigh Purtle says most of these attacks are initiated by email, and thus the best way to avoid getting caught out is to be “very vigilant” about the emails you click on and open.
• treat emails from people you don’t know with caution;
• carefully check emails from government organisations and banks for grammar and spelling errors, as this is a clear warning sign;
• never click links in emails unless you are certain that you trust the sender and the content;
• keep your antivirus and malware software up to date; and
• back-up important files on services like Google Drive.