Story image

Kiwi universities and businesses targeted by scammers

27 Apr 16

​Kiwi universities and businesses are being targeted by ransomware scammers, according to Computer Forensics NZ.

According to the company, Otago University recently put an alert on its website warning of a significant increase in attacks aimed at the university. Likewise, Auckland University now warns about the increasingly common crypto-ransomware attacks on its website.

Brian Eardley-Wilmot, managing director of Auckland-based Computer Forensics, says last year saw multiple Kiwi businesses and individuals targeted.

He says 114 Kiwis were targeted in one day in just one ransomware attack, one business paid out $11,000 to have its data unlocked and another paid $9,000, for example.

However, Eardley-Wilmot says, “people shouldn’t panic.”

“This is the aim – to scare the living daylights out of you,” he says.

Eardley-Wilmot says mobile devices, including Apple iPhones and iPads, are also now being increasingly targeted.

“One recent nasty attack saw a message allegedly from the police appear on mobiles saying the victim had been found to have child porn and if $200 (ransom) wasn’t paid the message would be sent to everyone in the person’s address book,” he says.

According to Eardley-Wilmot, ransomware cyber-criminals are taking a more business-like approach to targeting organisations and businesses.

“They’ve moved beyond random attacks on individuals and are now targeting bigger fish,” he explains. “Some are even pricing their demands in line with how big an organisation is and its market value.”

The targeting of New Zealand universities and businesses mirrors recent ransomware attacks in the US that have seen hospitals, schools and even the police targeted.

“Ransomware is a virus, but what makes it particularly nasty is that it locks up (encrypts) the victim’s data,” Eardley-Wilmot says.

“The cybercriminals then demand a ransom of anything from a few hundred to thousands of dollars before unlocking your data – but with no guarantee they will do so,” he explains.

Eardley-Wilmot says Computer Forensics – which has 16 years’ experience of computer security and fraud – can usually help organisations unlock malware-encrypted data.

“But organisations can do a lot to protect themselves too.”

Tips on how to beat ransomware scammers:

  • Back up fully and often – and to devices and places not connected to your computer or network. This means having removal storage, such as a second hard drive that can be disconnected, or a CDR, DVD or Blu-ray disc, or even a modest USB flash drive. Back up remotely to the cloud too. If your data is backed up, you need not fear it being locked up by scammers unless you synchronise an infected machine to your cloud account.
  • Update your software regularly to ensure all those vulnerable holes that scammers exploit to get into systems are patched and closed off.
  • Educate your staff (and yourself) to guard against any emails that look the least bit odd, or come from an unknown source. Don’t open them and certainly don’t click on any links or open any attachments unless you positively know that the email is genuine – this is how scammers wriggle in. Make that call to find out if the sender is legitimate. If you click on emails regardless of the source you will get infected.
  • Act fast and shut down if you become infected. Do so immediately, so as to limit the spread of the virus’ infection.

Eardley-Wilmot also advised people not to try and fix a tainted PC themselves.

“Call in the experts. There is a danger the virus may copy from machine to machine if you play around with it,” he says.

IP theft: A global issue catching NZ businesses off guard
“We have this incredible record of innovation in New Zealand. But our innovative businesses haven’t always been meticulous in shoring up their IP."
Why A/NZ organisations need to improve compliance protocols
Only a mere 4% of IT decision makers and data managers surveyed said their organisation faced no data management challenges. 
What the people say - Gartner’s November Customers’ Choices
A roundup of the latest Gartner Peer Insight Customers’ Choices from Backup and Recovery to Business Intelligence and Analytics, and more.
BlackBerry buys out cybersecurity AI firm Cylance
“We are eager to leverage BlackBerry’s mobility and security strengths to adapt our advanced AI technology to deliver a single platform.”
Data protection is key to building customer trust
"New data compliance rules offer an opportunity for businesses to re-evaluate their processes and improve data management and customer loyalty."
NZ Internet Task Force joins iSANZ Hall of Fame
NZITF chair Barry Brailey and former chairs Mike Seddon and Paul McKitrick received the award in Auckland last week.
Quantum computing: The double-edged sword for cybersecurity
Quantum computing is quickly moving from science fiction to reality.
Three ways to achieve data security whilst enabling BYOD
"A mobility strategy is now more important than ever before, that said, selecting the right one is often no small task."