Life Tech What is ransomware? The malware cyber-attack explained

What is ransomware? The malware cyber-attack explained

Australians are no stranger to ransomware, but many have no idea what it is.
Tweet Share Reddit Pin Email

The latest global attack ransomware has been described as “unprecedented” in scale, but Australia is no stranger to ransomware.

So as the world waits to see the extent and cost of the malicious virus, everyday Australians are asking exactly what is ransomware?

Ransomware is a type of malware virus that takes over a computer and prevents users accessing data until a ransom is paid.

In most cases, the software infects computers via links or attachments in malicious messages known as phishing emails.

“The idea is to try to trick the victim into running a malicious piece of code,” said Jerome Segura, a senior malware intelligence researcher at Malwarebytes, a US-based company that has released anti-ransomware software.

“The age-old advice is to never click on a link in an email.”

How does it work?

“Ransomware, like the name suggests, is when your files are held for ransom,” according to Peter Reiher, an adjunct professor at the University of California, Los Angeles, who specialises in cybersecurity.

“It finds all of your files and encrypts them and then leaves you a message. If you want to decrypt them, you have to pay.”

The ransomware encrypts data on the computer using an encryption key only the attacker knows. If the ransom is not paid, the data is often lost forever.

Mr Segura said that in most cases the attackers change the wallpaper of the computer and give specific instructions about how to pay.

Most attackers demand up to $US500 ($A676) to remove the malicious ransomware. The price can double if the amount is not paid within 24 hours.

How do you prevent a ransomeware attack?

Users should regularly back up their data and ensure security updates are installed on their computer as soon as they are released.

Up-to-date back-ups make it possible to restore files without paying a ransom.

Friday’s global cyber attack exploited vulnerabilities in some versions of Microsoft Windows.

Microsoft has released software patches for the security holes, although not everyone has installed those updates.

Users should look for malicious email messages that often masquerade as emails from companies or people they regularly interact with online.

It is important to avoid clicking on links or opening attachments in those messages, Mr Villasenor said.

Australia no stranger to attack

The Australian Competition and Consumer Commission received 6210 reports relating to ransomware and malware scams in 2016, its latest scams report released on Monday shows.

The consumer watchdog says there has been a rise in scams targeting businesses and warns hacking, malware and targeted phishing now present significant financial and reputational risks to business.

While most Australian victims did not lose money after their computer was blocked amid demands for a ransom to be paid, 227 people lost a total of $241,881.

The majority of the ransomware victims were individuals but the ACCC said reports indicated there was an increase in ransomware emails to businesses.

The most reported ransomware scams targeting Australians last year were delivered through fake emails purporting to be from Australia Post and the Australian Federal Police, the ACCC report said.

The emails ask the recipient to follow a link or open an attachment, causing malicious software to be downloaded that locks their computer.

Ms Rickard said scams targeting businesses are becoming increasingly sophisticated using modern technology to make fake emails, invoices and websites appear legitimate to even the astute business person.

“These scams can have devastating effects on businesses, undoing years of hard work, eroding confidence in their brand, increasing operational costs and in extreme cases may even cripple those businesses,” ACCC deputy chair Delia Rickard said.