Software ransom attacks increase sharply

Symantec Security Response team says number of ransomware detections in Ireland have increased by 131 per cent

Ireland has witnessed a sharp increase in detections of r

ansomware, sophisticated malicious software that literally holds your computer and its contents to ransom.

The Symantec Security Response team, which is based in Dublin, has released figures showing an increase in the number of ransomware detections in Ireland from 52,527 in 2012 to 121,603 in 2013, an increase of 131 per cent.

This compares with an increase of 128 per cent in the United Kingdom over a similar space of time.

READ MORE

Speaking to The Irish Times, Peter Coogan, an analyst at Symantec, gave an overview of what the victim of a ransomware attack can expect.

“Victims will generally get some kind of spam email that will arrive into the system,” said Coogan.

“It will use some kind of social engineering theme. It will lead them to a link from where they will download a file, thinking it’s an invoice or something else. Once they run this executable file the victim will have the malicious software on their machine.

“This can then search your computer for files that may be of value and will encrypt them with a high encryption rate.

“Victims will then have to pay the ransomer to get the encryption key.

“Basically you won’t be able to access these files again until you pay the extortion money.”

This trend in ransomware attacks began in Russia in the middle of the last decade and has become increasingly sophisticated.

Recent developments have seen attacks on the Android mobile platform, locking the victim’s mobile phone and demanding payment.

Perpetrators direct victims to pay ransoms in bitcoin on the deep web, a part of the internet that require special software to access.

This makes the location of the perpetrators hard to ascertain and leaves no money trail to follow.

Certain types of ransomware can geolocate what country the victim is in and can then display a false message, purportedly from the victim’s local police force, demanding payment of a “fine” for the computer to be unlocked.

This particular type of ransomware attack targets people surfing file-sharing or pornography websites. The message alleges that a crime has been committed and requests immediate payment.

In the Republic these bogus messages display the logo of An Garda Síochána, and include a portrait of President Michael D Higgins for good measure.

Some of these bogus message displays are quite amateurish.

Some of the bogus mails targeting Irish IP addresses helpfully come in the Irish language.

So what can you do to protect yourself from such an attack? Peter has a few suggestions.

“The most important thing when it comes down to ransomware is to make sure that you have your files backed up,” said Coogan.

“In terms of prevention make sure that you have your system fully up to date with the latest patches, have your antivirus fully up to date and avoid clicking on any suspicious links or emails.”

The Garda advises that in the event of an attack and a person has been deceived into paying money to make a report at your local Garda station.