I’ve heard rumors that there are viruses that can take over your computer and demand a ransom to allow you back in. Can this really happen?
This form of exploitation does exist and has actually been around since the early days of personal computing. The first known instance of what is called ‘ransomware’ actually goes back to the late 80’s and variations of the scam have been evolving ever since.
If you or anyone you know is ever hit with any type of ransomware, under no circumstances should you pay the ransom.
Today, one of the most common instances appears as a warning from the FBI accusing you of illegally downloading copyrighted material or child pornography and demanding that you pay a fine to avoid prosecution.
The malicious program pops up a message that says that you have been blocked from using the computer until you pay the fine via a MoneyPak card or other obscure payment systems in hopes that they can scare you into paying quickly.
The FBI/Police version of the exploit started hitting computers worldwide last year and has been playing a cat and mouse game with the security world ever since.
There are a lot of places on the Internet that have manual removal instructions for tech-savvy users that the ransomware authors are also seeing. As removal instructions are posted, the malware authors modify the virus code to render the instructions useless and the game goes on.
For instance, most of the previous versions would allow you to boot to ‘Safe Mode’ so you could remove the malicious code, but now it blocks access to Safe Mode altogether.
Anyone that gets hit by this scam needs to have a full security check done on their computer, because this is a clear indication that they haven’t been keeping up.
Simply removing the code and not plugging the holes that allowed it to happen will likely mean being right back in the same place in the near future.
Most users are being hit because they haven’t kept their operating systems and antivirus software up to date, which allows them to get hit just by visiting a rigged website (a.k.a. drive-by download).
A much more serious version of this exploit is hitting businesses via a common remote access tool built into Windows-based Servers known as RDP (Remote Desktop Protocol).
Ransomware hackers are scanning the Internet (kind of like in the movie War Games) looking for RDP connections that are using default port settings with easy to break passwords.
Once they break the password, they can access the entire corporate network (even attached backup drives) and run a script that will seek out common business files and encrypt them, which locks the owners out.
They then display a demand page with a timer stating that you have one week to pay the $3,000 ransom or it goes up by $1,000. Each week that you wait, the ransom goes up by $1,000.
Data recovery from this attack is nearly impossible, so you can only recover data if you have an off-site backup that wasn’t attacked.
Here’s what we are doing for our business customers:
– Set accounts to lock for 3 minutes after 3 failed attempts
– Make sure all remote users have very secure passwords (15 characters or more)
– Change the default port for RDP access
– Make sure you have a daily off-site backup procedure
– Make sure you have the latest RDP patches from Microsoft
- Skin Cancer in Arizona: Stats, facts and new immunotherapy drugs making strides
- Caring Crisis: Rising tide In Alzheimer’s disease leads to shortage of caregivers
- Distracted walking injuries end up not so funny
- Scary situations: 5 quick tips before you let a contractor in your home
- Four ways telemedicine is changing the health care industry
- 5 mistakes homeowners make in the spring
- Three rivers run through it: Exploring Arizona's waterways
- Smart home basics: things you need to know to get started
- 5 Surprising things causing back pain
- Arizona agriculture is a $17.1B industry
- Timeline: Arizona's roots in brewing history
- 5 reasons to love the D-backs this season
- Tips for taking your home entertainment experience to the backyard
- Tech-related injuries your parents never experienced
- Workers comp: Signs your co-worker could be a fraud
- Who's the real founder of America's pastime?
- Epidemic rising? What you need to know about Alzheimer's in Arizona
- 5 unforgettable Wooden Award winners
- Family and hard work are keys to success of modern dairy farmers
- Genetic testing could hold answers for colon cancer survival
- Cold beers and baseball: A beer lover's guide to Spring Training
- Telecommuting: 5 tips to make it work for employers and employees
- See how top CFOs feel about economic growth in the Valley
- Migraine myths that keep patients from effective treatments
- Here’s why Gaydos went tankless with his water heater
- Bocce ball and basketball: How you can help Arizona's Special Olympics athletes
- Tips on building the best wine room in Arizona
- Avoid the nightmare: 6 tips to choose a great contractor
- Breast cancer: Improved testing and treatments means more survivors
- Failed back surgery: New hope for patients living in pain
Latest Data Doctors
- If you're still using Windows Vista, you might want to consider an upgrade
- Some questions and answers about creating a paperless home
- Lessons and tips we can all learn from 1 billion hacked Yahoo accounts
- Should I consider adding Trusteer Endpoint Protection to my computer?
- Know your options if you are suddenly hit with ransomware