How to avoid getting Crypto Locked

You’ve seen what it looks like on the TV. You might even know one or two people to whom it has actually happened. Yes, we’re talking about that moment when all your hard work gets ‘kidnapped’ by a cyber criminal and held hostage, with threats of destroying it all unless you pay up before their deadline.

Firstly, you need to understand how ransomware is delivered onto your system. It’s a relatively short list, but very important to understand:

Weak systems

  • A weak/overloaded/outdated firewall, for example, makes it easy for hackers to infiltrate your system.
  • Poor/inadequate spam filters allow things through that shouldn’t get through.

The cure:

  • A top-end firewall can unpack attachments in a ‘sandbox’ – a safe environment that is isolated from the network and can easily be switched off if anything untoward is found.
  • Decent, multi-layer spam filters can strain out almost all known malicious attachments and links within emails.

Malicious emails

A free stay? Really? Be slightly cynical rather than gullible.

Probably the number one method of delivery of ransomware – the malicious email that somehow slipped through the firewall and spam filters. A malicious email contains either a malicious link, or a malicious attachment, or both, and comes from a fake email address.

Amazing! You have a tax rebate that somehow isn’t showing up in your actual online filing account. Greed could easily cloud someone’s vision and make them fall for this scam.

Fake email addresses fall into two broad categories: real email addresses belonging to people who were lax with their cyber security and lost control of the account, or email addresses that, at a quick glance, look like the real thing.

The cure:

User education, user education and user education! The people in your organisation need to be educated so that they can quickly and easily spot a fake email.

Malicious links

If you get a shortened web address via text, don’t tap it – it’s almost certain to be fake.

Malicious links don’t always come in emails, texts or on social media; sometimes an entire website could be run by hackers (and look quite legit at face value). A malicious link is usually where additional malware is stored, uploaded to your computer and activated – often only at a later date, to help divert suspicion away from the website.

The cure:

Again, user education. To spot a fake website, you have to read the web address ‘backwards’. Let’s use this made-up example:

hsbc.com-banking.security.ru.co/secure_my_account

The / forward slash is what separates the main website address from the individual pages. Ignore everything to the right of the / then look at what comes directly to the left – in this example it’s security.ru.co – in other words, not HSBC!

In this example, ignore everything to the right of the very first /

hsbc.com-banking.security.ru.co/online_security/secure_my_account
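The ‘read it backwards’ check written as code (an added example, not part of the original article): it takes the host name, i.e. everything before the first /, and accepts a link only if that host is the genuine domain or ends in a dot followed by it. The allowlist and the sample links are constructed for illustration.

```javascript
// Added example: decide whether a link really belongs to the site it claims.
// TRUSTED_DOMAINS is a constructed allowlist for illustration.
const TRUSTED_DOMAINS = ["hsbc.com"];

// Return the lower-cased host name of a link, or null if it cannot be parsed.
function hostOf(link) {
  // Links in emails and texts often omit the scheme; add one so URL() parses.
  const hasScheme = /^[a-z][a-z0-9+.-]*:\/\//i.test(link);
  const withScheme = hasScheme ? link : "https://" + link;
  try {
    const host = new URL(withScheme).hostname.toLowerCase();
    // Drop a trailing dot ("hsbc.com." is the same host as "hsbc.com").
    return host.endsWith(".") ? host.slice(0, -1) : host;
  } catch {
    return null;
  }
}

// True only if host is the trusted domain itself or a subdomain of it.
// The comparison works from the right-hand end, never as a substring search,
// so a name that merely starts with or contains "hsbc.com" does not pass.
function belongsTo(host, trusted) {
  return host === trusted || host.endsWith("." + trusted);
}

function checkLink(link, trustedDomains = TRUSTED_DOMAINS) {
  const host = hostOf(link);
  if (host === null) return { link, host: null, trusted: false, matched: null };
  const matched = trustedDomains.find((d) => belongsTo(host, d)) || null;
  return { link, host, trusted: matched !== null, matched };
}

// Constructed sample links; the first is the made-up address from the article.
const samples = [
  "hsbc.com-banking.security.ru.co/secure_my_account",
  "https://www.hsbc.com/online_security/secure_my_account",
  "https://hsbc.com.security.ru.co/login",
  "https://nothsbc.com/",
];
for (const s of samples) {
  const r = checkLink(s);
  console.log(`${r.trusted ? "OK  " : "FAKE"}  ${r.host}  <-  ${s}`);
}
```

Only the second sample is reported as OK; the other three contain the text ‘hsbc.com’ but their host names do not end with it as a whole domain.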

You also need a respectable anti-virus that, when clicking on any web links, checks them first before allowing you through.

Physical Upload

Inadvertently giving the wrong people physical access to your computer systems could be disastrous. Physical access means a hacker (e.g. posing as a client, delivery man, contractor, lost person etc.) could have unfettered access to your system, planting all manner of malicious software.

The cure:

Make sure your workstations and servers have good passwords, and that they automatically lock themselves after 3-5 minutes of inactivity. Windows Autoplay should also be turned off on all workstations so that a hacker can’t unobtrusively slip a USB drive into an unattended, locked workstation, which would then automatically upload malicious code as soon as the workstation is unlocked/switched on.

Also educate all your staff to lock their workstations whenever they get up or leave the room – the shortcut is pressing the ‘Windows’ key and ‘L’ at the same time. Try it.

Servers need additional security such as lockable cabinets and CCTV covering the area.

Additional Precautions

Check websites like https://www.hoax-slayer.net or https://www.nationalcrimeagency.gov.uk/what-we-do/crime-threats/cyber-crime to familiarise yourself with current scams and how cyber criminals operate.

Don’t get too excited. “You won something” scams rely on your being too excited to think straight.

The problem with links sent via phone is that they are easier to fake and harder to verify than links sent via PC. Use common sense and don’t allow greed to overpower your better judgement.

Don’t get greedy. “We’ll pay you to…” and “You won something” scams rely on greed.

Don’t be embarrassed. “Your porn account is now active” scams rely on your embarrassment if someone else sees that.

Don’t fear (unless you really have been up to mischief, tut-tut). “You’re going to get arrested for tax evasion” scams rely on your fear of the law.

Don’t be too emotional. “Urgent warning! Share with others!” scams rely on emotional overreaction.