ITS

Information Technology Services
Information Technology Services

Notice: Ransomware attacks are becoming an increasing problem.

  • Ensure you have virus protection and that it is kept updated.
  • Don't open unexpected attachments or download unknown software.
  • Keep a back up of your files for recovery.

Ransomware: when your computer is held hostage

Cyber-thieves are a whole new breed of criminal. They are smart and cunning, and what they are stealing is your data and your identity.

With the internet and the widespread use of electronic devices – computers, tablets, cellphones – the everyday user is an easy target for thieves to target.  Forty years ago, computers were operated by programmers and you needed extensive training to know how to use one.  Not so today.  Now the user doesn’t need to know anything about the inner workings of the device in order to use it; they just need to be able to press a button – it’s so easy, a child can do it.

From smartphone compatibility in our cars to wearing smart watches on our wrists, not only do we expect this ease of use, we demand it! But the easier they make it for us to use, the easier they make it for the thieves to prey too.  For people who have an honest nature, it is hard to believe that there are others out there setting traps trying to steal our banking information, our passwords and our identities, both online and in the real world.

So what have these thieves been up to while we have been figuring out how to use the latest app on our computers and cell phone? 

ransom letters spelling out

Beware of ransomware!

Ransomware is a program designed to entice you to pay a ransom in order gain back access to your computer or your files. Ransomware comes in a number of variants with some being nothing more than a nuisance that requires lengthy removal steps with specialized software and knowledge. These type of variants will often warn the user of existing infections and if you pay a fee, the software promises to remove the identified problems. To the unsuspecting user, the warning will appear to be generated by the computer system, however it is simply a ploy for you to purchase a fake removal product that will do nothing. 

The most destructive type of ransomware will encrypt your computer files so you cannot use them. When you attempt to open your files you will receive a ransom message telling you to pay a sum of money in exchange for the decryption key to unlock your files. The sum of money is usually several hundred dollars and when people are faced with the alternative of losing all their data, they often pay the ransom. This has been very lucrative for cyber criminals since the only solution is to either pay the ransom or restore your files from an existing backup. If you do not have your files backed up, this could result in the loss of important files and data.

How does it work?

Ransomware will likely arrive on your computer as a seemingly legitimate file that includes a description leading you to believe that the file is beneficial to you; is a file that you were expecting; or it could simply start a download and infect your computer when you visit a malicious webpage (called a drive-by download).  What you don’t know is that the file has a secret payload; it is a snippet of a larger program, designed to download the entire program onto your computer without your knowledge. You won’t even know it is there until it is too late!  The next time you restart your computer, all your files may be encrypted and you will receive a ransom note demanding payment in exchange for the decryption key.

Enigmasoftware has a great video Ransomware - The Age of digital Extortion that explains what ransomware is, how you get infected and what you can do to avoid it.

Can I protect myself?

If you are one of the smart ones who updates your operating system and applications and have up-to-date anti-virus software on your computer, ransomware may be identified and quarantined before it harms your computer.  To ensure you do not fall victim to ransomware or any other malware, store your data remotely on one of our file storage services.  Additionally, be proactive and review and adopt the Cyber Tips & Tricks best practices.

What should you do if you've become a victim: 

Expert advice is that you don’t pay the ransom. There is no guarantee that even if you pay the ransom the key will be supplied. If your computer is infected with ransomware, seek help.  There is also anti-virus software available that may remove some variants of the ransomware. If you know the name of the ransomware, steps to remove it can be found online. In the worst case scenario, you will need to re-image your computer and restore your files from backup (you do have a backup – right?).

If you need help, contact the IT Support Centre by calling 613.533.6666 or by filling in the Online Help Form.


Additional Resources:

Last reviewed: September 2016