Global cyber incidents which have taken place have highlighted the significant and growing threat posed by ransomware.
Action Fraud with Cyber Protect UK, partners in law enforcement and the private sector are warning you about ransomware and the dangers associated with it. Be #RansomAware.
Follow these simple steps to protect your data and devices from
— Action Fraud (@actionfrauduk) July 3, 2017
ransomware. Be #RansomAware pic.twitter.com/bE0Pw9ca64
What is ransomware?
Ransomware is a form of malicious software (malware) that enables cyber criminals to remotely lock down or encrypt the files on your device. Criminals use ransomware to extort money from you (a ransom), and will claim to restore access to your files or device once you have paid. Ransomware can be delivered in various ways; for example, via attachments in authentic looking emails purporting to be from genuine companies.
How to protect yourself:
- Anti-virus: Use anti-virus software on all of your devices and configure it to automatically update. Run a complete scan of your system to check for any malware infections.
- Updates: Install the latest software and app updates on all of your devices. These updates will often contain important security upgrades which help protect your device from viruses and hackers.
- Backups: Backup all of your important data to a storage device that won’t be left connected to your computer or network, such as an external hard drive, or an online storage service.
- Emails: Don’t open attachments or click on the links within any unsolicited emails you receive. Spoofed emails purporting to be from a person or company you know of can be used to deliver ransomware.
What happens if you have already been infected with ransomware?
Don’t pay
Don't pay extortion demands as this only feeds into criminals' hands, and there's no guarantee that access to your files or device will be restored if you do pay. Criminals have been known to re-target victims that have already paid a ransom once; paying a ransom only highlights to criminals that you’re vulnerable to a ransomware attack. Even after you’ve paid the ransom, and access to your files is restored, it’s possible for criminals to leave a “backdoor” installed on your device which can later be used to re-infect
Ransomware removal
Sometimes it’s possible to remove a ransomware infection without paying the criminals. No More Ransom has been set up with the goal to help victims of ransomware retrieve their encrypted data without having to pay the criminals. If you are still unable to remove the ransomware, seek professional technical help from a trustworthy source.
Reporting
If you have been a victim, please report it to us. Every report you make helps us build a clearer picture of the threat from ransomware and allows the police to direct the focus of their investigations.
24/7 Reporting for Businesses
If you are a business, charity or other organisation that is currently experiencing a live cyber attack (an attack in progress), please call us on 0300 123 2040 to speak with one of our specialist advisors. You should keep a timeline of events and save any information that is relevant to the attack.