A type of malicious software known as ransomware is becoming more widespread and sophisticated, according to a cyber-security firm.
Case in point: an evolving strain of ransomware called TeslaCrypt.
Endgame, a firm in Arlington, Virginia, explains in a blog post:
TeslaCrypt 4.1A is only a week old and contains an even greater variety of stealth and obfuscation techniques than its previous variants, the earliest of which is just over a year old. …
Only four months into 2016, as our timeline demonstrates, this may very well be the year of the ransomware attack. These kinds of opportunistic attacks can be very lucrative and sophisticated, and should increasingly be on the radar of both high-value organizations as well as individuals.
Endgame’s research has determined that a spam email campaign is being used to spread TeslaCrypt 4.1A to individuals.
These spam messages are about the delivery of a package that can be tracked by clicking on a link. One example of a subject line is “Your package has been successfully delivered.”
If you receive such an email and click on any links contained in the email or open any files attached to the email, your computer will become infected — in this case, with TeslaCrypt 4.1A. Then, your files will be held ransom.
Ransomware generally encrypts computer files so victims cannot access them, effectively holding them ransom until the victim pays the attacker. In a CBS MoneyWatch report, Endgame senior malware researcher Mark Mager, who co-wrote the blog post, describes ransomware as “a really easy way [for attackers] to just milk money out of their victims.”
Backing up your computer files is key to protecting yourself from ransomware, says Mager (as well as the FBI), because an attack will have a limited effect on you if you have a second set of your files.
Mager suggests weekly if not nightly backups to an external hard drive that you unplug between backups. Cyber-attackers cannot access a drive that is not connected to the internet, either directly or through your computer.
Prevention — which in this case means scrutinizing emails — is also key. Mager says in the CBS report:
“Use a little common sense and inspect the source of the email coming in. If there are little misspellings or grammar errors that don’t make sense, that’s something to take note of.”
If you are expecting a delivery, you can always log in to the website from which you ordered it. If you recently purchased something from Amazon, for example, instead of clicking on any links or downloading any attachments in an email, you can log in to Amazon.com and find out where your order stands.