Visit the full NBR website

Upsurge in Kiwis hit by 'ransomware'

NBR contacted NetSafe this morning to see how the internet safety agency was dealing with Yahoo Xtra fallout (see its reaction on that front here). 

The part-funded watchdog was run off its feet last week, National Cyber Security Initiative (NCSI) head Chris Hails said - but not by any issue related to Telecom's email security meltdown but an upsurge in (completely unrelated) "ransomware" attacks.

In a ransomwar attack, hackers typically infiltrate your PC via the internet, block access to your files, then demand money for an unlock code.

"We're receiving a couple of requests for assistance with ransomware each day - and our partners including the police have also noted an increase in reports," CEO Martin Cocker told NBR.

Antivirus and security software companies send hysterical alerts about this-and-that on an almost daily basis.

But NetSafe - a non-profit part-funded by the government - gives a clear indication of threats that are actually hitting everyday Kiwis.

"We understand there are about 30 variants of the ransomware which fall into two categories," Mr Cocker told NBR ONLINE this morning.

"One type blocks access to your PC, and pops up a message telling you it has done so. These variants are becoming increasingly complex but many can still be bypassed to regain access to the PC. The other type is quite nasty and encrypts all the data on your drive. Some of these also encrypt the data on any connected backup systems. The encrypted data cannot be recovered."

Don't pay up
Mr Cocker also has a warning for those who have been hit, and are thinking about coughing up the money demanded by the hackers who have hijacked their PC.

"In truth, these are not ransoms. They are a scam. People who pay the 'ransom' will not receive the unlock codes," the NetSafe CEO says.

Basic precautions are the same as for any other malicious attack. Make sure your sercurity and antivirus software on your PC is up to date. Small business owners should also ensure that all software on their servers are up to date.

NetSafe has more tips here.

More by Chris Keall

Comments and questions

And most importantly of all, make sure that you take regular backups of your data and keep them in a discrete location from the system. If the backups are made over a network, have them done with a "pull" rather than a "push" method and make certain that the backup host does not remain connected to the system being backed up. Don't store any credentials or information about the backup host on your computer. If you back up to an external disk or flash device, unplug it and keep it somewhere safe (preferably not in the same building). And test your backups periodically by restoring the data and comparing it to the source.

Indeed. Good points, Phil. Always assume you'll get hit at some point.

You could also say it's another argument for storing your data - or at least copies of your files, online in the cloud (NZ broadband caps allowing).

Cloud storage is great, but make certain there's an "air gap". That means no desktop client or file manager integration, and no way for an intruder who's gained access to your machine to then connect to your cloud account and scramble your files. Easier said than done with most commercial offerings, but I have set up some secure backup solutions with Amazon which pull from the source and then hang up.

Or you could just switch to a linux OS if you wanted to get serious about your security, and/or you rely on your computer for your livelihood.

« Back to home page