I’ve heard rumors that there are viruses that can take over your computer and demand a ransom to allow you back in. Can this really happen?
This form of exploitation does exist and has actually been around since the early days of personal computing. The first known instance of what is called ‘ransomware’ actually goes back to the late 80’s and variations of the scam have been evolving ever since.
If you or anyone you know is ever hit with any type of ransomware, under no circumstances should you pay the ransom.
Today, one of the most common instances appears as a warning from the FBI accusing you of illegally downloading copyrighted material or child pornography and demanding that you pay a fine to avoid prosecution.
The malicious program pops up a message that says that you have been blocked from using the computer until you pay the fine via a MoneyPak card or other obscure payment systems in hopes that they can scare you into paying quickly.
The FBI/Police version of the exploit started hitting computers worldwide last year and has been playing a cat and mouse game with the security world ever since.
There are a lot of places on the Internet that have manual removal instructions for tech-savvy users that the ransomware authors are also seeing. As removal instructions are posted, the malware authors modify the virus code to render the instructions useless and the game goes on.
For instance, most of the previous versions would allow you to boot to ‘Safe Mode’ so you could remove the malicious code, but now it blocks access to Safe Mode altogether.
Anyone that gets hit by this scam needs to have a full security check done on their computer, because this is a clear indication that they haven’t been keeping up.
Simply removing the code and not plugging the holes that allowed it to happen will likely mean being right back in the same place in the near future.
Most users are being hit because they haven’t kept their operating systems and antivirus software up to date, which allows them to get hit just by visiting a rigged website (a.k.a. drive-by download).
A much more serious version of this exploit is hitting businesses via a common remote access tool built into Windows-based Servers known as RDP (Remote Desktop Protocol).
Ransomware hackers are scanning the Internet (kind of like in the movie War Games) looking for RDP connections that are using default port settings with easy to break passwords.
Once they break the password, they can access the entire corporate network (even attached backup drives) and run a script that will seek out common business files and encrypt them, which locks the owners out.
They then display a demand page with a timer stating that you have one week to pay the $3,000 ransom or it goes up by $1,000. Each week that you wait, the ransom goes up by $1,000.
Data recovery from this attack is nearly impossible, so you can only recover data if you have an off-site backup that wasn’t attacked.
Here’s what we are doing for our business customers:
– Set accounts to lock for 3 minutes after 3 failed attempts
– Make sure all remote users have very secure passwords (15 characters or more)
– Change the default port for RDP access
– Make sure you have a daily off-site backup procedure
– Make sure you have the latest RDP patches from Microsoft
- Telecommuting: 5 tips to make it work for employers and employees
- See how top CFOs feel about economic growth in the Valley
- Migraine myths that keep patients from effective treatments
- Here’s why Gaydos went tankless with his water heater
- 12 things to watch before the Oscars
- Bocce ball and basketball: How you can help Arizona's Special Olympics athletes
- Tips on building the best wine room in Arizona
- Avoid the nightmare: 6 tips to choose a great contractor
- Breast cancer: Improved testing and treatments means more survivors
- Best and worst of Super Bowl commercials
- Failed back surgery: New hope for patients living in pain
- Ticking time bombs: Telltale signs your water heater is about to explode
- Reading glasses could be a thing of the past
- 6 cool ways teachers are using technology in the classroom
- Emerging tech jobs in Phoenix and how to get one in 2017
- 4 top treatments athletes use for pain
- Emergency! What to do when bathrooms flood
- Operation Santa Claus needs holiday help
- This college bowl season is likely to be epic
- Arizona kids in crisis: How you can help
- 11 holiday classics for the ultimate movie marathon
- New treatment offers hope for migraine sufferers
- 11 stadiums to watch your favorite football team
- Shopping for a TV? Best models for 2016
- The new beer pairing guide for holiday foods
- Avoid this holiday plumbing disaster in your home
- 7 tips to avoid holiday weight gain
- New treatments mean better prostate cancer survival rates
- 5 of the scariest things found in drains
- 6 tips to create the best family movie night
Latest Data Doctors
- Lessons and tips we can all learn from 1 billion hacked Yahoo accounts
- Should I consider adding Trusteer Endpoint Protection to my computer?
- Know your options if you are suddenly hit with ransomware
- If hackers can access public figures' email accounts, how can I stay safe?
- Don't worry: Portable cellphone battery chargers are not likely to explode