With ransomware cyber-attacks being big news at the moment, we explain how you can keep yourself protected from cyber-crime.
In May 2017, a global cyber-attack has hit over 200,000 people in 150 countries, with the NHS in the UK being amongst the worst hit. In Scotland 12 Scottish health boards, including the ambulance service, were targeted and the episode has increased fears about internet security across the country.
Meanwhile, in June 2017 a global ransomware attack caused turmoil for companies across the world. Again, a virus hit users computers and a demand was made to pay a random in the digital Bitcoin currency.
How can I protect myself?
The latest cyber-attacks have worried many people into thinking they could be targeted themselves.
Whilst home-users are at a low risk in this instance, many users can be exceptionally vulnerable to being caught out by viruses, scams and cyber-attacks.
Police Scotland is not responsible for third party content.
You can protect yourself by visiting the Ransomware: 'WannaCry' guidance for home users and small businesses section of the National Cyber Security Centre website.
Their main protection tips are:
- Update Windows,
- Run antivirus,
- Keep a safe backup of your important files.
You can learn more safety tips on the National Cyber Security Centre
Police Scotland is working with key partners and our communities to keep people safe online. The recent Ransomware attacks demonstrated the excellent collaboration between the National Cyber Security Centre, National Crime Agency, Police Scotland and key industry, public, private and third sector partners to tackle such online threats.
Utilising our Web Constable cadre, Police Scotland supports our local communities on a daily basis with advice on how to keep safe online, and giving people an awareness and the confidence to start the conversation about what they can do to keep themselves, businesses and communities safe, whilst enjoying the positives the online world has to offer.
Chief Inspector Scott Tees, Safer Communities, May 2017
Should I pay the ransom if my computer is infected?
The quick answer to this is NO!
Do NOT pay the ransom.
Giving into the demands of the attackers will only encourage them to do this kind of thing again. It’s also important to remember that these people are thieves and there’s no guarantee they’ll give you back your files once you've actually paid.
Thankfully, to date only a small percentage of people have coughed up to the demands of the hackers.
What is ransomware?
Ransomware is a name given to a malicious programme that blocks or locks access to computer files or data until an amount of money (or ‘ransom’) is paid.
Once infected, access to files is diminished and a message appears on your computer screen with details on how you can pay for their recovery. In the latest global cyber-attack, the attack was made through ‘WannaCry’, malware which is easily able to infect vulnerable machines within a network.
Once a computer was infected, a demand of $300 (£230) worth of the digital currency Bitcoin was made on each computer with a threat that if payment was not received in seven days, the data would be lost forever.
Keep safe from cyber-crime
Here's a few other general tips to ensure you don’t fall victim to cyber-crime.
- Install the latest updates. Whilst it may feel as if you’re being constantly bombarded by your phone and computer to update every few weeks, it’s important to run these updates on your operating systems to patch any security holes. In this latest case, the ransomware spread from device to device by taking advantage of a security hole in an older version Microsoft’s Windows operating system. This hole was fixed with the latest version of Windows and should act as a warning to those reluctant to update.
- Regularly back-up your files. If worst comes to worst and you're targeted by a cyber-attack, you can easily retrieve the files as you’ve safely stored them elsewhere. Devices for file storage and backing up are now cheaper than they’ve ever been, and this could save you a heap of money and ton of worry in the long term.
- Be careful what you click in emails. An easy way people can be caught out is by clicking on links in unexpected emails, or downloading unsuspecting attachments. It can be easily done, but be aware that the consequences are catastrophic for your internet security. Simply put, don’t click on hyperlinks in emails or download attachments if you don’t trust the sender.
- Don’t give out personal information to unsolicited emails. People can be conned into providing personal information (phishing). Such emails trick a victim into thinking they’re entering their details into a genuine account. Instead you’re sending personal information to scammers who can use these details to take money or steal your identity. Legitimate senders like your bank will never ask you for any security details or ask you to transfer money into another account.
- Make sure your antivirus product is up to date and run a scan. If you don't have one then install one of the free trial versions from a reputable vendor.
The National Cyber Security Centre website features ransomware advice and guidance for home users and organisations.