Your computer is locked up, and there’s an intimidating message on your screen supposedly from the police, or the FBI, or some other authority. It’s demanding you pay a fine in order to unlock your computer. Ever happened to you or someone you know?
We at F-Secure want you to know: You should never pay the fine. Never, not in a million gigayears. (Yes, it’s actually a word.)
The message is not in fact from the police, or the FBI, or whatever authority it claims to be from. It’s from cybercriminals who are playing on your uncertainty and fear. Your computer is infected with malware. Essentially what the cybercriminals are doing is demanding a ransom for unlocking your computer.
That’s why we call this type of malware…ransomware. And, you guessed it, paying up doesn’t unlock the computer after all.
The where and the why
Police-themed ransomware has become a problem in dozens of countries around the globe. In each country the malware is localized with the local language and the national law enforcement logo. In fact, one version of police ransomware supports localization to more than 40 countries. And one single criminal group is suspected to have targeted more than five million computers around the world.
According to F-Secure Labs’ statistics, police ransomware began appearing in Germany, and then nearly all countries in Western Europe, the Nordic countries, the US, Canada, and Australia were affected. Criminals have also started targeting countries in Latin America, for example Mexico, Argentina, Boliva and Ecuador. The latest additions are some countries in North Africa and the Middle East.
What’s interesting is that many people actually do pay the ransom, perhaps out of uncertainty, fear, or maybe they just don’t want to deal with the problem. So this turns out to be quite a profitable venture for the criminals. (Therein lies the why.)
To build awareness about ransomware, F-Secure has joined forces with local police in Finland and CERT-FI to create a site dedicated to educating people about ransomware. The site also helps those who are affected get rid of ransomware. You’ll find it at ransomware.fi.
And if you have questions about ransomware, you can ask an F-Secure security expert in a special online Q&A session happening now through the end of October. The session is being held through the F-Secure Community and is accessible via http://community.f-secure.com/t5/Stop-Ransomware/qa-p/stopransomware.
Of course, to protect yourself from ransomware and other malware, use good Internet security software. (If you’re using F-Secure, make sure Browsing Protection and DeepGuard are enabled to protect from malicious websites.) And keep all your software, not just your security software, updated to prevent software exploitation.
If you have a ransomware story, share it here!
In less than two months, the world has seen the two biggest ransomware outbreaks ever…
July 7, 2017
UPDATE: For the latest on Petya, check this F-Secure Labs post. Are we still calling…
June 28, 2017