​Kiwi universities and businesses are being targeted by ransomware scammers, according to Computer Forensics NZ.

According to the company, Otago University recently put an alert on its website warning of a significant increase in attacks aimed at the university. Likewise, Auckland University now warns about the increasingly common crypto-ransomware attacks on its website.

Brian Eardley-Wilmot, managing director of Auckland-based Computer Forensics, says last year saw multiple Kiwi businesses and individuals targeted.

He says 114 Kiwis were targeted in one day in just one ransomware attack, one business paid out $11,000 to have its data unlocked and another paid $9,000, for example.

However, Eardley-Wilmot says, “people shouldn’t panic.”

“This is the aim – to scare the living daylights out of you,” he says.

Eardley-Wilmot says mobile devices, including Apple iPhones and iPads, are also now being increasingly targeted.

“One recent nasty attack saw a message allegedly from the police appear on mobiles saying the victim had been found to have child porn and if $200 (ransom) wasn’t paid the message would be sent to everyone in the person’s address book,” he says.

According to Eardley-Wilmot, ransomware cyber-criminals are taking a more business-like approach to targeting organisations and businesses.

“They’ve moved beyond random attacks on individuals and are now targeting bigger fish,” he explains. “Some are even pricing their demands in line with how big an organisation is and its market value.”

The targeting of New Zealand universities and businesses mirrors recent ransomware attacks in the US that have seen hospitals, schools and even the police targeted.

“Ransomware is a virus, but what makes it particularly nasty is that it locks up (encrypts) the victim’s data,” Eardley-Wilmot says.

“The cybercriminals then demand a ransom of anything from a few hundred to thousands of dollars before unlocking your data – but with no guarantee they will do so,” he explains.

Eardley-Wilmot says Computer Forensics – which has 16 years’ experience of computer security and fraud – can usually help organisations unlock malware-encrypted data.

“But organisations can do a lot to protect themselves too.”

Tips on how to beat ransomware scammers:

• Back up fully and often – and to devices and places not connected to your computer or network. This means having removal storage, such as a second hard drive that can be disconnected, or a CDR, DVD or Blu-ray disc, or even a modest USB flash drive. Back up remotely to the cloud too. If your data is backed up, you need not fear it being locked up by scammers unless you synchronise an infected machine to your cloud account.
• Update your software regularly to ensure all those vulnerable holes that scammers exploit to get into systems are patched and closed off.
• Educate your staff (and yourself) to guard against any emails that look the least bit odd, or come from an unknown source. Don’t open them and certainly don’t click on any links or open any attachments unless you positively know that the email is genuine – this is how scammers wriggle in. Make that call to find out if the sender is legitimate. If you click on emails regardless of the source you will get infected.
• Act fast and shut down if you become infected. Do so immediately, so as to limit the spread of the virus’ infection.

Eardley-Wilmot also advised people not to try and fix a tainted PC themselves.

“Call in the experts. There is a danger the virus may copy from machine to machine if you play around with it,” he says.