I’ve heard rumors that there are viruses that can take over your computer and demand a ransom to allow you back in. Can this really happen?
This form of exploitation does exist and has actually been around since the early days of personal computing. The first known instance of what is called ‘ransomware’ actually goes back to the late 80’s and variations of the scam have been evolving ever since.
If you or anyone you know is ever hit with any type of ransomware, under no circumstances should you pay the ransom.
Today, one of the most common instances appears as a warning from the FBI accusing you of illegally downloading copyrighted material or child pornography and demanding that you pay a fine to avoid prosecution.
The malicious program pops up a message that says that you have been blocked from using the computer until you pay the fine via a MoneyPak card or other obscure payment systems in hopes that they can scare you into paying quickly.
The FBI/Police version of the exploit started hitting computers worldwide last year and has been playing a cat and mouse game with the security world ever since.
There are a lot of places on the Internet that have manual removal instructions for tech-savvy users that the ransomware authors are also seeing. As removal instructions are posted, the malware authors modify the virus code to render the instructions useless and the game goes on.
For instance, most of the previous versions would allow you to boot to ‘Safe Mode’ so you could remove the malicious code, but now it blocks access to Safe Mode altogether.
Anyone that gets hit by this scam needs to have a full security check done on their computer, because this is a clear indication that they haven’t been keeping up.
Simply removing the code and not plugging the holes that allowed it to happen will likely mean being right back in the same place in the near future.
Most users are being hit because they haven’t kept their operating systems and antivirus software up to date, which allows them to get hit just by visiting a rigged website (a.k.a. drive-by download).
A much more serious version of this exploit is hitting businesses via a common remote access tool built into Windows-based Servers known as RDP (Remote Desktop Protocol).
Ransomware hackers are scanning the Internet (kind of like in the movie War Games) looking for RDP connections that are using default port settings with easy to break passwords.
Once they break the password, they can access the entire corporate network (even attached backup drives) and run a script that will seek out common business files and encrypt them, which locks the owners out.
They then display a demand page with a timer stating that you have one week to pay the $3,000 ransom or it goes up by $1,000. Each week that you wait, the ransom goes up by $1,000.
Data recovery from this attack is nearly impossible, so you can only recover data if you have an off-site backup that wasn’t attacked.
Here’s what we are doing for our business customers:
– Set accounts to lock for 3 minutes after 3 failed attempts
– Make sure all remote users have very secure passwords (15 characters or more)
– Change the default port for RDP access
– Make sure you have a daily off-site backup procedure
– Make sure you have the latest RDP patches from Microsoft
- 11 holiday classics for the ultimate movie marathon
- 2016 college football rivalry games you simply can't miss
- New treatment offers hope for migraine sufferers
- 11 stadiums to watch your favorite football team
- Shopping for a TV? Best models for 2016
- The new beer pairing guide for holiday foods
- Avoid this holiday plumbing disaster in your home
- 7 tips to avoid holiday weight gain
- New treatments mean better prostate cancer survival rates
- 5 of the scariest things found in drains
- 6 tips to create the best family movie night
- New bone marrow procedure holds promise for healing pain
- The best places to celebrate Fall in Phoenix
- Infamous athletes who did the most time for their crimes
- Diet, exercise and aspirin: 3 tools to fight colon cancer
- 2016 baseball highlights, bloopers and blunders
- See how CFOs really feel about business in the Valley
- The best television shows on the internet
- The 5 worst things you could do for your roof
- 6 coolest things brewing in Arizona
- The virus that keeps head and neck cancers on the rise
- State Fair ‘Kid Reporter’ has all the angles covered
- 4 important things to know about timeshare maintenance fees
- Signs of delayed car crash injuries
- The truth about sports concussions
- The Alzheimer's epidemic: Facts you need to know
- The season is here, keep your Fantasy Football team strong all season
- 8 TV shows you can't miss this fall
- Football is here: 6 tips to make this your best season ever
- Gameday recipes and beers to match
Latest Data Doctors
- Should I consider adding Trusteer Endpoint Protection to my computer?
- Know your options if you are suddenly hit with ransomware
- If hackers can access public figures' email accounts, how can I stay safe?
- Don't worry: Portable cellphone battery chargers are not likely to explode
- A webcam hack is a problem, but a sign of a much larger issue