Tallahassee Journal

Ransomware is threatening your computer

Lost in much of the discussion of the recent hacking of Sony was that in their initial communications, the hackers attempted to extort money from Sony in return for not making public the private data and e-mails stolen by the hackers. Sony refused and soon thereafter the Internet was flooded with much of the material stolen, including embarrassing e-mails of Sony executives.

The more common ransom hacking scenario, however, involves the hacker locking the computers of its victim and preventing access to any of the information stored on the company’s computers unless a ransom is paid. Although many people are not familiar with this particular type of extortion, it has been going on for 25 years. Just last summer, Code Spaces, a code-hosting and software collaboration company, was put out of business when its data was destroyed by hackers after the company refused to pay a ransom following a ransomware attack.

But this is not just a problem for corporations. Much of the focus of hackers has been on individual computer users like you and me. You first notice that you have become a victim of ransomware when you find your computer frozen and a message on your screen tells you that your computer will remain frozen until you pay a ransom. The ransom is generally required to be paid by MoneyPak cards, bitcoin or other untraceable funds.

Over the past few years, new versions of ransomware with names such as Cryptolocker, RIG and most recently OphionLocker have been developed by hackers in their continuing battle to stay ahead of security software developers. These ransomware programs generally encrypt your files, making them unreadable by you unless you pay the ransom, which has ranged from as little as $200 to as much as thousands of dollars.

In many instances, the ransom demand is tripled if the ransom is not paid within a few days. In return for paying the ransom, you are told that you will receive the private key necessary to retrieve your files. Unfortunately, in some instances, even people who paid the ransom have found that the hacker never provided the key and their files were effectively lost forever. As with much of the malware that threatens us all, ransomware is sold on black market websites by the criminal masterminds who create this type of malware. Some of the programs have been sold for as little as $60 per day.

As with many types of malware, most ransomware is unwittingly downloaded by victims when they click on tainted links, download tainted attachments or even click on phony advertisements. In many instances, the phishing e-mails containing Cryptolocker ransomware have purported to be from Federal Express, UPS, the U.S. Postal Service and even security software companies McAfee and Symantec, as well as many other companies in many other guises.

This just serves to emphasize my mantra: “Trust me, you can’t trust anyone.” To avoid malware, never click on links or download attachments, regardless of how legitimate they may look, until you have independently confirmed that the links and attachments are legitimate. RIG ransomware has been spread through malvertising. Malvertising is legitimate-appearing advertising that may be found on legitimate websites, which carry the advertising without knowing it is a scam. Links in the malvertising, when clicked on, download the ransomware onto the computer of the unwary victim.