If you’ve ever seen a ransomware virus pop up on your computer, lock down your work and deny access to your system, you’ll know exactly how brutal it can be. But now – thanks to the good eggs down at Kaspersky – there’s an antidote to some versions of the poison.
Ransomware is a type of malware that locks your computer or encrypts your files so that you can’t access them. It then demands money in exchange for the decryption key so that you can unlock the files or system.
A ransomware attack is usually triggered by a vulnerability in your system – like if you open an email that contains a phishing scam or go onto a fake site created by attackers. They make the threat sound incredibly convincing – often saying they’ve found bad software on your system, and even go so far as pretending to be the authorities. They even have legit-looking badges.
Unfortunately if this happens it’s quite likely that you’ll be stuck. You can’t get around the malware by restarting your system and even if you give up the dolla there’s no guarantee they’ll release the key.
But there is some hope. Security giants at Kaspersky Lab have been working with The National High Tech Crime Unit (NHTCU) of the Netherlands’ police and the Netherlands’ National Prosecutors Office to get hold of the decryption keys for two notorious types of ransomware – CoinVault and Bitcryptor – after the guys that wrote the malware were arrested, and they’re sharing the keys for free!
“During our joint investigation we have obtained data that can help you to decrypt the files being held hostage on your PC,” Kaspersky said. “We are now able to share a new decryption application that will automatically decrypt all files for Coinvault and Bitcryptor victims. We are considering this case as closed. The ransomware authors are arrested and all existing keys have been added to our database.”
Unfortunately, ransomware is like the common cold – it’s constantly evolving and being modified slightly by attackers, so there is no ‘one size fits all’ remedy. As soon as it changes, the decryption key will no longer work, so – just like vitamins and lots of sleep to protect yourself against a cold – you need to ensure you’re pre-emptively protecting your system too.
Backing up is key – preferably behind a firewall and not on the same network as your main system, as malware can jump between. That way if someone does lock your file, you can simply go to the backup copy. Sucks to be you, would-be attacker.
As ever, keep antivirus software up to date and always always be wary of clicking on links unless you’re about a trillion percent sure that it’s from a trusted source…and even then sometimes people can have their email accounts taken over, so it technically is from them but the link is proper dodge.
It might seem bleak but if you suffer a ransomware hit it may be worth archiving the data, as if they catch the crim they might be persuaded to give up the key. Might be living on a prayer there, but it’s possible. The good folks at Kaspersky and in law enforcement will hopefully continue to work their magic, but in the meantime, if you can try and make attackers lives that bit more difficult, that’s a win too!
For more information on the security solutions at UKFast take a look at our website or give us a call on 0208 045 4945.