Criminals in cyberspace have been using malicious software called cryptolockers that encrypt victims’ files to ransom for money, according to a computer security company.
Published in the Security Threat Report 2014, Sophos claims that attacks by ransomware happen more frequently this year, and describes the ‘prime malice’ cryptolockers as ‘the most dangerous and widespread’ one.
Commonly spread by email or website spam, cryptolockers work by using a very strong encryption to ‘lock’ all the files and images on the user’s computer. Once encrypted, the attacker then asks the victim to pay the ransom by a virtual currency bitcoins in order to retrieve the private key in the hope to ‘unlock’ the encrypted files.
However, a University of Oxford IT Services spokesperson strongly advised against following the criminals’ instructions to pay. ‘There is no guarantee that you will get your files back, and by doing so you are implicitly encouraging criminal activity and further attacks against other users.’
‘Users who are attacked by cryptolockers stay calm, switch off the infected system, and inform their local IT staff as soon as possible.
‘Continuing to use an infected system risks loss of data that may otherwise be recoverable.’
Since cryptolockers may be transmitted to external storage devices, such as USB drives, users may keep backups and make sure they are disconnected to the Internet unless they are in use, the spokesperson suggests.
The IT Services also advices students to take appropriate steps against cyber attacks, including using antivirus software and enabling email filtering. They should also be vigilant when opening suspicious emails, including those with malicious attachments or instructions to provide personal information to another website.
For more information on how to protect yourself against security threats online, visit the IT Services page http://www.it.ox.ac.uk/infosec/protectyourself