We don’t negotiate with Ransomware

we dont negotiate with ransomware 2016 images

We don't negotiate with Ransomware 2016 images

How To Avoid Paying Off That Creepy Ransomware Message

Nothing is creepier than malware that gets interactive. Ransomware scrambles or encrypts your important files and interacts with you through a message that tells you to pay up or lose your important data. It forces poor schmoes who have yet to develop the habit of backing up their data to interact with those that hold their system or data hostage. Ransomware damage could cost hundreds to millions of dollars for companies infected with new strains that have yet to be solved by security companies because there are no other solutions but to pay. But there may be hope on the horizon thanks to a collaborative project between Intel Security, the National High Tech Crime Unit of the Netherlands’ police, Europol’s European Cybercrime Centre, and Kaspersky Labs. The project is called No More Ransom.

First, to better describe ransomware, here’s a message from the FBI:

“Ransomware is a type of malicious software cyber actors use to deny access to systems or data. The malicious cyber actor holds systems or data hostage until the ransom is paid. If the demands are not met, the system or encrypted data remains unavailable, or data may be deleted.”

The danger is very, very real and should not be ignored. Schools, hospitals and even government agencies had to pay up to recover their data when victimized by new ransomware that has yet to have solutions. Ransomware attacks are currently on the rise. Ransomware authors are enterprising blackhat hackers that are difficult to detect and lurk in the dark web and force users to pay up through untraceable means like bitcoin.

ransomware avoidance

“The total cost of damages related to attacks using cryptographic file-locking software could reach $1 billion this year (2016).”

— Danny Palmer, ZDNET

This author’s employer itself had a close call with the Ransomware called Lockey, but thankfully there were backups available and the ransomware removed through various means, including unfortunate shutdown of some operations while systems were being re-formatted. The incident forced the company to set up a cybersecurity awareness campaign.

“…The police cannot fight cybercrime, and ransomware in particular, on its own. And security researchers cannot do it without support from law enforcement agencies…. Together we will do everything in our power to disrupt criminals’ money-making schemes and return files to their rightful owners, without the latter having to pay loads of money.”

— No More Ransom Website

Malicious file encryption has truly evolved from being a simple prank to a moneymaking enterprise, and it needs to be stopped or discouraged. Such is the aim of the No More Ransom Project. No More Ransom has this advice:

“The general advice is not to pay the ransom. By sending your money to cyber criminals you’ll only confirm that ransomware works, and there’s no guarantee you’ll get the decryption key you need in return.”

Not to mention, you must keep daily and weekly backups of files and system data. And if you’re technically and financially inclined, keep weekly image backups of your system. Ransomware authors continue to craft new ways to make our computing lives miserable but in case you become a victim of what’s already out there, you can visit the No More Ransom Website to check if there’s a solution to your problem.

The website has a section called Crypto Sheriff which will determine the ransomware infection if it wasn’t familiar with your anti-virus/anti-malware solution. Once determined, they have a section called Decryption Tools which will allow you to decrypt your files without having to pay any money to the ransomware authors. You may need first to update your anti-malware solution to get rid of your ransomware infection though it may not be able to decrypt your files. That’s where the tools come in.

Whether or not the website solves your encryption problem, they also have a section where you can report the crime to the FBI Internet Crime Complaint Center. This way, the cases against the perpetrators will be mounted in case they’re apprehended which should put them away for a very long time. Nowadays, extended periods of time without wi-fi or internet access is torture.

And of course, in case you don’t have an anti-malware solution to prevent another infection, Intel Security and Kaspersky Labs also promote their respective solutions at the website. It goes without saying, you need to get them.