To-date, no one knows what she did on that laptop but the Executive Director of a leading government entity under the Ministry of Finance got her computer locked up by ransomware. All her information was encrypted and she eventually had to fork out millions of shillings to regain access.
Many of us are conversant with viruses and how they affect our computers or phones. However, they are just one category of crooked software that the bad guys use to mess up technology consumers.
Ransomware is malware (malicious software) that has the tendency to block you from accessing your files or data on that electronic gadget of yours. To regain the access, it requires you to pay a ransom fee.
Ransomware has been with us for a number of years but only gained prominence recently when the largest syndicated attack was launched. WannaCry has been the most prominent ransomware to-date that has had a significant impact on global computer systems. It begun on 12th May 2017 and within hours of rolling out, over two hundred thousand (200,000) machines across multiple countries had fallen victim.
How does it work?
Once the software infects a computer, it then proceeds to communicate to a central server using the very internet access on that computer. When in contact with the server, it requests for further instructions after which encryption commences on the infected computer using the instructions obtained. When the encryption is completed on all files, a message is displayed on the screen requesting for payment to decrypt the files with a threat to destroy this information if no action is taken.
Essentially, it needs all or some of the following;
A data network in order to spread from one computer to the other
A seemingly legitimate file/document through which it can be propagated
A vulnerable computer operating system
What are the tell-tale signs of Ransomware?
Ransomware manifests in some or all of the following ways;
Encryption of all types of data/files
Display of hijack message to alert you
Request for payment in BitCoins
Transfers data to the central server eg passwords and email addresses
How can I avoid becoming a victim of Ransomware?
Backup: Let us face it, the damage caused by ransomware boils down to denying you access to your data. If that is the case, then having a frequently updated backup of all your computer data will mean that no amount of threats can make you yield to the demands of attackers. You can simply set up your computer afresh and restore your data from the backup.
Software Updates: First of all, ensure that you are running legitimate software on your computer (avoid pirated copies especially of Operating Systems). With legit software, you need to keep updating it as per the advisory of the company that supplies the software. There is always a good reason why they come up with frequent updates.
Anti-Virus: It is advised that you make the presence of a recognised anti-virus software on your computer a must. Frequent database and engine updates are crucial too, considering that the suppliers of this software are always evolving it to meet the ever changing tactics of the hackers out there. Good anti-virus software has the ability to prevent some of these fishy emails or files from accessing your computer.
Be slow to trust: In real life, we are always suspicious of that stranger who approaches us with a proposition on the roadside. Why then do we drop our guard and choose to trust any email we receive promising all sorts of things to us? Hackers are using Phishing Emails a lot lately to trick users into clicking certain links that then proceed to download the malicious software onto the computer. Other avenues are malicious website adverts and apps.
If you run an organisation, this is the time for you to have a comprehensive and regular Cyber Security training programme that will ensure that your staff are always aware about the dangers lurking out there on the internet and how they can grossly affect your operations.
Scenario1: You get to office one monday morning ready to complete a key business proposals due to be submitted before the end of day only to be met by a ransom notice on all the office network computers.
Scenario2: Your accountant is misled by an email into enabling macros as he tries to open an attachment that has been sent to him. The office accounting software runs off his computer and within a few minutes, the ransom notice pops up. Invoices can’t be generated or printed, all your accounting records are inaccessible and the tax authorities are demanding some overdue reconciliations.
These scenes can be real, but you have a choice to avoid seeing them happen. Do you have a need for guidance on this and other cyber security related matters? Do not hesitate to contact me on the email given below.
Let us fight Ransomware.
James Wire is a Small Business and Technology Consultant based in Kampala, Uganda
Follow @wirejames on Twitter.
Email lunghabo [at] gmail [dot] com