So you’re going to get rid of blackmailers
Again and again, crypto or blackmail Trojans succeed in penetrating computers.
For private individuals and businesses, it is time to think about how to show Ransom ware the red card.
They are called WannaCry, Petya or Locky and they cause problems around the world.
For a long time experts warned against Ransom ware, the computer files encrypted and released only after payment of a ransom.
In a study by the Internet Association (Eco), 95 percent of security experts surveyed said the threat to the German economy was growing.
Should you be affected, you are interested in: How can you decrypt your files? We have asked for you.
Previously it was about money, today Scams and Wiper aim at data
“Ransom ware waves have been around for several years. However, it was not until 2016 that Locky was really acute, “remembers Peter Meyer, Head of Cyber Security Services at Eco.
The reason: the blackmailers had realized that the business model is worthwhile.
The victims were ready to pay for the deciphering. This motivated her to continue.
The financial success finally called for imitators. Among them also riders who did not intend to release the data again.
“It used to be very likely that you received the decryption code after paying the money,” said the IT security expert. Today more and more so-called Ransom ware scams or Wiper make the round.
“These are viruses or worms that only pretend to encrypt the files. In reality they destroy them.
The payment of ransom therefore does not help “. The destruction of data was also the focus of the latest Petya wave, which initially raged in the Ukraine and then spread worldwide.
Automatically update and remove old computers from the network
But how can we protect ourselves? For companies and individuals, the automatic software updates of the computer programs must be activated.
Usually, the major software providers react to security gaps.
“In the case of WannaCry (a cyber-attack that killed some 200,000 computers worldwide in May), Microsoft released the security patch eight weeks before the big attack,” explains Meyer.
For older program versions like Windows XP and Vista, however, security updates are not provided, even if Microsoft has made an exception at WannaCry.
And that is a problem. Because many companies use expensive special software, which partly runs under Windows 95.
In this case, Meyer advises to separate the old computers from the Internet and the rest of the computer network, or to run them at least in a virtual environment.
Then no malicious software should infect the computer or the entire network.
Periodically check antivirus programs and pull backups
If the computer is not cut off from the Internet, an antivirus program and a firewall should be part of the standard repertoire.
As a rule, the Trojan hides behind a link, which comes via an e-mail into the system. A thoughtless click, and he is already downloading himself.
Then good advice is expensive. “Ransomware is a highly cryptic process.
Even the fastest computers would have to reckon for years to decrypt them, “Meyer notes. In some cases, the code is cracked, but only because the programmers have made a mistake.
You should not rely on that!
Instead, it is important to create regular backups. The company also advises the malware expert to store the data and infrastructure on a second server. This allows you to quickly return to the daily business after an attack.
Ransom ware experts help by phone hotline or mail
However, not only the computer should be prepared for a cyber-attack, also you as a user, should inform yourself beforehand and regularly perform digital fire protection exercises.
Because: in an emergency, every handle must be seated. A first aid consultation is available at the Cybercrime hotlines of the State Criminal Police Offices.
In addition, the Federal Office for Information Security (BSI) answers questions about problems with computer malicious programs by phone or e-mail between 8:00 am and 6:00 pm.
Maybe you’re lucky too. Some encryption Trojans were cracked. The Ransom ware Gallery from botfrei.de reveals what these are.
Although for the very current Trojans are still no rescue in sight, of the nine major malicious programs in May 2017, however, five have been decrypted.
Usually the instructions for the removal of malware are stored together with. In addition, Europol has set up its own Ransom ware help portal.
Affected people can upload an encrypted file and see if there is already a decrypted.