The Reporting and Analysis Centre for Information Assurance (MELANI) has just released its latest report on cyber threats and the protection of personal and business information. One aspect, which is particularly worrying for everyday computer users, is extortion malware or ransomware. This is used to extort money from the owners of infected computers.
The principle is frighteningly simple. Spread by infected e-mail attachments and via bogus websites, the attacks result in what are known as website infections or drive-by downloads. Common types of ransomware display a message on infected computers that appears to be from the police or another authority. It demands immediate payment of a fine, claiming that illegal information was stored on the infected computer. It threatens that if payment is not made, all files on the hard drive will remain inaccessible. However, this type of malware is relatively benign as it does not cause any real harm to files on the computer and the block can be removed by relatively simple means. In most cases, the nuisance can be removed with up-to-date antivirus software.
According to the MELANI report, much more serious is a CryptoLocker malware infection, which was introduced for the first time in Switzerland last November. CryptoLocker also encrypts all of the data on the hard disk and all other data devices connected to the computer, meaning that the victim can no longer access it. The accounts of individuals and businesses in such cases are dramatic: they have in some cases lost their entire digital past.
Copy-cat criminals have now developed similar malware. In return for a ransom, the victim should receive the decryption key for recovering their files. Although various antivirus products are able to locate and eliminate the malware, it is too late in most cases because the files on the computer have already been encrypted. Therefore, the real problem is not removing the malware, but recovering the original data.
There currently appears to be no realistic method for decrypting the data without the key that only the extortionist knows. Nevertheless, MELANI advises against giving in to the criminals’ demands and making a payment: “There is no guarantee that the criminals will actually send the victim the key that is needed to decrypt the files and there is every possibility that they will take advantage of the victim’s willingness to pay and demand more money.” The solution? Prevention, not cure. Back up regularly on at least two separate devices in turn.