The Royal Gibraltar Police are advising members of the public on how to avoid becoming victims of “Ransomware”.
The move follows a number of frauds in Gibraltar in recent weeks – including telephone scam calls, business compromise fraud and sextortion – which have affected locals.
Ransomware is a type of software that prevents users from accessing their computers, by locking their screen until a ransom is paid.
Often payment is demanded in Bitcoin, or in some cases, in iTunes or Amazon gift cards.
However, it is important to note that paying the ransom does NOT guarantee that the victim’s computer will be unlocked.
Victims may unknowingly download Ransomware by visiting certain websites or opening attachments from spammed emails.
A spokesman for the Royal Gibraltar Police said: “Ransomware can either lock the computer screen, or encrypt certain files. In the first scenario, a full-screen image or notification is displayed on the infected computer screen, which prevents victims from using their system. This also shows instructions on how to pay for the ransom. The second type prevents access to files, such as documents and spreadsheets.
“A Ransomware attack can have a significant impact on individuals and organisations alike, but particularly in the case of critical services.”
The spokesman added that it’s important to remember the following:
1. Don't click on links or open any attachments you receive in unsolicited emails or SMS messages. Remember that fraudsters can 'spoof' an email address to make it appear like one used by someone you trust. If in doubt, always check the email header (or contact the person separately by other methods).
2. Always install software updates as soon as they become available, no matter how inconvenient this might seem at times. Whether an update is for the operating system (i.e. Windows), your anti-virus or an application, an update can contain fixes for critical security vulnerabilities.
3. Create regular backups of your important files to an external hard drive, memory stick or online storage provider. You cannot be held to ransom if your data is safely stored elsewhere. It is important that the device you back up to isn't left in an insecure location, or linked to the same network your main equipment is connected to. There are several providers who offer small amounts of cloud storage for free or larger storage capacity at a reasonable fee.
4. If you do become a victim of ransomware, disconnect your device from the Internet and home network/Wi-Fi to prevent the infection from spreading. The general advice is that since you are dealing with criminals, you should never offer any payment, as there is NO guarantee your information will be returned to you. Seek support from an IT services provider (unless you yourself are able to download specific software products to “disinfect” your system) and report the crime to the police.
There are various online resources that provide useful advice on how to protect your data and devices, as well as what to do when infected with ransomware.
Some of these resources also provide access to Ransomware unlocking tools.
One such resource is the "NoMoreRansomware" project, an initiative between the European Cybercrime Centre and other law enforcement and industry partners, which can be found at: https://www.nomoreransom.org/prevention-advice.html
The UK National Cyber Security Centre also provides valuable free advice for organisations on preventing a ransomware incident, as well as other online threats.