Criminals routinely take advantage of the opportunities offered by the Internet and Information Technology to meet their gains, be it for profit, notoriety or to cause harm. Cybercrime takes many different forms:
Phishing | Account Takeover | Email Compromise | Ransomware | Denial of Service | Online Fraud | Malware/Viruses | Hacking | Website Defacement |
You opened an email attachment and now you cannot access any of the files or folders on your computer. A note was left on your computer asking a payment to be made in order to regain access to your data.
Ransomware is a malicious software that prevents access to a computer, mobile device or data that is stored on the device.
If a device is infected with Ransomware, the device may become locked, or the data on it might be stolen, deleted or encrypted.
Normally the user will be requested to make a payment (the ransom) in order to ‘unlock’ the computer or access the data.
However, even if you pay the ransom, there is no guarantee that the computer or files will be ‘unlocked’
How to prevent Ransomware
The National Cyber Security Centre (NCSC) has published advice to assist individuals and businesses to prevent & recover from ransomware incidents.
- Make regular backups of important information (such as photos and financial documents) and check you know how to restore this.
- Make sure the device containing your backup (such as an external hard drive or a USB stick) is not permanently connected to your computer.
- Consider backing up to the cloud. This means you'll be able to access your data quickly from anywhere.
Protecting your data and devices
The following steps will reduce the likelihood of your computer or device being infected with ransomware.
- Keep your operating system and software (apps) up to date. Don't put off applying updates, they contain patches that keep your device secure, including protection from ransomware and viruses.
- Make sure your antivirus product is turned on and up to date. Windows has a built in malware protection tool (Microsoft Defender) which is suitable for this purpose.
- Avoid downloading unofficial apps. Only use official app stores (like Google Play or the Apple App Store), which provide protection from viruses.
What to do if affected by Ransomware
If your computer or device has been infected by ransomware (or any type of malware), you should:
- Open your antivirus (AV) software, and run a full scan. Follow any instructions given. If your AV can’t clean your device, you’ll have to wipe it entirely, factory-reset and re-install everything, starting with your operating system.
- Restore your backed-up data that you have kept on a separate device (such as USB stick, external hard drive or cloud storage).
- Do not copy any data from the infected computer or device.
- If you receive a phone call offering help to clean up your computer, hang up immediately. This is a common tactic used by cyber criminals.
- In some instances, devices can be ‘unlocked’ by utilising the FREE Police and Industry backed Europol initiative, No More Ransom: https://www.nomoreransom.org/en/index.html
Should I pay the ransom?
Police Scotland and partners, including NCSC encourages individuals / organisations NOT TO PAY THE RANSOM. If you do:
- There is no guarantee that you will get access to your data or device.
- Your device will still be infected.
We would advise anyone who thinks they may have been subject to a ransomware attack to contact Police Scotland via 101 (Non-emergency) or 999 (where there may be a threat to life or threat to national infrastructure.)For further guidance please see the information at NCSC and No More Ransom
Someone has hacked into your online accounts – Social Media, Banking, Email etc. and made changes to your details without your permission to do so. Or, an associate of yours has received an email that has been sent from your email address informing them of a change of payment details and you know that you did not send the email.
Denial of Service Attacks
Your business or personal website or IT system has come under some form of cyber-attack and genuine visitors/users are unable to access the systems that they require.If you believe that you have been the victim of a Cybercrime, you can report it to Police Scotland.
Related Documents and Advice
How can I keep my child safe online? For more information about how to keep your child safe online, who can help and where you can report inappropriate, illegal or indecent images involving children, visit CEOP.
Get Safe Online – Get free expert personal and business advice on the Get Safe Online website.
Cyber Aware – Cyber Aware’s aim is to make good cyber security habits second nature, not an afterthought, for individuals and small businesses.
Scottish Business Resilience Centre - SBRC is a unique organisation comprising contributions and secondments from Police Scotland, Scottish Government, Scottish Fire and Rescue Service, major banks, industries, investors and private membership with the aim of providing businesses with a ‘one stop shop’ for business security and advice.