The Rise of Ransomware Threats

On March 31, 2016, the U.S. Department of Homeland Security (DHS) and Canadian Cyber Incident Response Centre (CCIRC) issued a joint alert concerning the dangers of ransomware. The alert details the prevalence of ransomware, its effect on individuals and businesses, and prevention methods.

Ransomware is a type of malware that infects computers and restricts users’ access to those computers by locking the users out of their systems or encrypting the users’ files. The creators of the ransomware then demand a ransom payment to release the computers and/or decrypt the files. The ransom amount varies but often falls between $200 and $400, paid in a virtual currency (e.g., Bitcoin). This amount may not seem like much, but with multiple infected computers and the disruption of business, it can cost a company thousands of dollars.

Because paying a ransom is no guarantee of files being released, the DHS and CCIRC discourage the payment of such ransoms. Instead, they recommend reporting the incident to the FBI’s Internet Crime Complaint Center.

Ransomware can spread a number of ways, such as by opening malicious email attachments, visiting infected websites, using infected Web-based instant messaging applications, or maintaining vulnerable web servers. In order to protect yourself from these harmful viruses, the DHS and CCIRC recommend the following actions:

-Regularly backup data on a separate device and store offline

-Use application whitelisting

-Keep software and operating systems up-to-date

-Maintain up-to-date anti-virus software

-Scan downloaded software for viruses before using

-Restrict users’ abilities to install and run unwanted software applications

-Avoid enabling macros from email attachments

-Do not click on unsolicited Web links in emails

See the official alert for more specific information concerning ransomware: https://www.us-cert.gov/ncas/alerts/TA16-091A