Royal Gibraltar Police officers have issued a warning to businesses on the Rock of possible ransomware attacks after a local firm was targeted. The force has also issued comprehensive advice about how to minimise the risk from cyber attacks, and what to do if you are affected.
Ransom malware, or ransomware, is a type of cyber attack that prevents users from accessing their computer system until they have made a ransom payment.
Attackers usually leave a “ransom note” which informs the victim that the only way to get access to their files is by using a “key” purchased from the attackers. Victims usually then have 48 hours to contact the attackers to prevent files from being deleted, published on various websites, hackers’ forums, etc. The attackers usually send a link to the dark web, where they can anonymously make contact with the victim and make their demands.
The earliest variants of ransomware were developed in the late 1980s and payment was to be sent through the postal system. Today, ransomware attackers require payment be sent via cryptocurrency or credit card and they target individuals, businesses and organisations of all kinds.
The RGP is aware that a local firm has recently been the subject of a ransomware attack and the investigation is ongoing.
An RGP spokesperson said,“If anyone believes that they have been targeted, they should speak to an IT professional or their Internet Service Provider to ask for help, as they may be able to assist immediately in preventing the attack from continuing.
“If a ransomware attack is confirmed, the relevant server/computer should be considered as a crime scene, which contains vital evidence. It is important to keep a timeline of events and to save server logs, web logs, email logs, network graphs and reports. These would assist in any future investigation.
“Anyone needing specific advice can contact us on via ECU@royalgib.police.gi or on 20048040”
The RGP has also issued advice about how to prevent ransomware attacks:
BROWSE AND DOWNLOAD SOFTWARE ONLY FROM TRUSTED WEBSITES
Use official sources and reliable websites to keep your software patched with the latest security releases. Always use the official version of software.
DO NOT INSTALL OR RUN NON-TRUSTED OR UNKNOWN SOFTWARE
Do not install programs or applications on your computer if you do not know where they come from. Some pieces of malware install background programs that try to steal personal data.
DO NOT PAY OUT ANY MONEY
Paying does not guarantee that your problem will be solved and that you will be able to access your files again. In addition, you will be supporting the cybercriminals’ business and the financing of their illegal activities.
DO USE ANTI-VIRUS SOFTWARE
Install and keep anti-virus (AV) and firewall software updated on your devices. AV can help keep your computer free of the most common malware. Always check downloaded files with AV software. You can easily find many free options on the market.
DO REGULARLY BACK UP THE DATA STORED ON YOUR COMPUTER
Full data backups will save you a lot of time and money when restoring your computer. Even if you are affected by ransomware, you will still be able to access your personal files (pictures, contact lists, etc.) from another computer. There are a number of high quality data backup solutions available on the internet for free.
DO CONSULT YOUR ANTI-VIRUS PROVIDER ON HOW TO UNLOCK ANDREMOVE THE INFECTION FROM THE DEVICE
There are numerous official websites and blogs with instructions on how to removethis type of malware safely from your electronic devices. One such site is www.nomoreransom.org which is able to check whether you have been infected with one of the ransomware variants for which there are decryption tools available free of charge.