Ransomware is a type of malicious software that makes your computer or its files unusable and demands a fee for access. But paying a ransom is no guarantee you will regain access to your files, and it could make you vulnerable to further attacks.
Australia will have a mandatory data breach notification scheme in place within the year after several aborted attempts, following the passage of legislation through the senate today.
The Labor and Liberal parties today united to pass the government’s Privacy Amendment (Notifiable Data Breaches) Bill 2016 into law. Learn what the rules mean for your organisation.
The passage came despite a last-ditch attempt by the Greens to make changes to the bill that would shorten the period in which an organisation must notify of a breach down from 30 days to three.
The party also attempted in vain to capture political parties and businesses with less than $3m turnover under the legislation.
An increase in online scams and frauds reported to authorities in the leadup to Christmas has reinforced the importance of safe online security practices.
The Australian Cybercrime Online Reporting Network (ACORN) received 2,608 reports of online scams and fraud from 1 December to 21 December 2016.
There were 1,415 reports to ACORN from 1 December 2015-1 January 2016 and 1,199 reports from 1 December 2014-1 January 2015.
So how can you protect yourself against frauds and scams? At Stay Smart Online, we recommend you download My Guide from our website. My Guide is a personal security guide that features tips and techniques to help you stay secure when working, socialising or just browsing online.
Issues covered in My Guide include:
- Being careful about posting to social media any photos or information about yourself, your friends or your family. You may be breaching your privacy and the privacy of those close to you. Unscrupulous people may take advantage of this information to undertake a range of unwanted activities, such as identity theft.
- Using strong passphrases (a series of words that may be longer, easier to remember and harder to guess than traditional passwords) to protect your online accounts from people who want to steal your information.
- Treating any unexpected message with caution. The message may be designed to trick you into giving out sensitive information such as your bank account details, credit card numbers and passwords/passphrases.
- Keeping to trusted websites so you minimise the risk of inadvertently infecting your phone or computer with malicious software such as ransomware (malicious software that locks your device and requires you pay a ransom to its distributors to be unlocked), spyware or viruses.
- Protecting your online banking and other sensitive information by applying security updates (and using up-to-date security software on your device).
- Applying the same rigour to securing your mobile device as you do your personal computer. Doing so minimises the risk of people gaining unwanted access to your phone or tablet and any sensitive information those devices hold.
My Guide also includes a list of organisations to which you can report scams, cybercrimes and identity theft.
For more information on staying safe online in 2017, visit the Stay Smart Online website.
The information provided here is of a general nature. Everyone’s circumstances are different. If you require specific advice you should contact your local technical support provider.
What Are They and How Do I Deal With Them?
CryptoLocker and CryptoWall are examples of ransomware, a trojan that locks up your files and threatens to destroy the key unless you pay a ransom to enable the files to be unlocked again. You are given only a limited time to hand over the ransom fee, otherwise your data will be forever inaccessible.
They have been around for a couple of years and are reported to have infected over a million PCs worldwide, involving 5 billion files, and collecting over $100 million in the process.
CryptoWall is the current manifestation of this malware, as the CryptoLocker servers were seized by US and foreign law enforcement officials last year and shut down.
The ransom amounts demanded are typically between US$500 and $1000.
How Do I Get Infected?
CryptoWall uses a variety of methods including spam emails with malicious links or attachments, attacks from infected sites, and through malware programs already running on compromised computers. Recently, innocent-looking advertisements have appeared on popular websites like The Guardian and Facebook that lead to malware being downloaded to a user’s PC.
The lesson here is obvious:
- Never click on a link in an email unless you trust the sender;
- Don’t visit sites of dubious reputation;
- Don’t click on advertisements; and
- Ensure your PC has up-to-date anti-virus software that constantly monitors your PC’s activities.
Phishing is a pernicious way of getting you to click a malicious link. Phishing refers to email that looks as if it’s from a reputable company, e.g. your bank or Paypal, and asks you to click a link for some purpose. Reputable sites don’t do this. Always open a browser and enter the address you normally use for that institution. If there are any messages, you will see them there.
You are strongly advised not to use a work PC for non-work related activities.
Should you find yourself staring at a screen like this, your files are locked, even those in cloud services such as Dropbox, OneDrive, and Google Drive. In fact, any storage that is connected directly to your PC or over the Internet is susceptible to ransomware.
As soon as the message appears, turn off the PC, as the virus may still be in the process of encrypting your files. Restart your PC in Safe Mode by pressing F8 on rebooting.
Recovering From Infection
The files can only be unlocked by acquiring the decryption key, and that means paying the ransom. Paying the ransom is not recommended. You should contact your IT Vendor immediately.
To recover from the infection your IT Vendor may need to restore your system from a backup copy. This is why regular backups are essential. All the files affected – at least the ones you can’t afford to lose – should have been saved to an offline storage medium, and be as up-to-date as possible.
Before restoring from a backup, your vendor needs to ensure that CryptoWall has been completely removed from the system by running a full system scan using your anti-virus and anti-malware software.
City Rural Insurance Brokers Pty Ltd.
Australian Financial Services Licence No 237491
ABN: 52 074 444 296