Has anyone ever heard of this? So bizarre story, my parents' business's computer system was infiltrated by hackers. The hackers locked them out of all their files and business documents. They won't let them back in unless they pay a ransom of $4000. The whole enterprise is called ransomware (that's not the actual name of the hacker but just the tactic).
We called the FBI and they said they are aware of these sorts of incidents but there is not much they can do. Apparently these groups charge such a nominal amount that it ends up costing more money to pursue or remedy the situation than to just pay the ransom.
Good luck to your parents.
Pay the ransom and then they come back for more.
I got something similar once and used a program called spyhunter that cleaned it up. Not sure if the same thing, I wasn't completely locked out, iirc.
I was able to get rid of it then I downloaded malwarebytes and cleaned a bunch of other shit.
it's unnerving at first, to see how easily they can access your computer and prevent you from doing so, but obviously I knew I wasn't running a child porn ring.
this is assuming it's locker ransomware (they lock you out of the computer/files) not encrypted ransomware (they have encrypted your files) - encrypted is harder.
in either case, backing up important files should be a standard practice for everyone.
Just having Anti-Virus does nothing to protect against advanced threats like this. Ransomware is 20 years old, but it has grown in popularity the last 12 months. I think it's a result of the massive shift to digitizing personal information in healthcare without also increasing security precautions.
Also, they will most likely have to pay to get their files back but that is no guarantee the files will actually be accessible.
... Actually that's good advice for anyone reading this. I have a Check Point 730 firewall on my home network, running all sorts of advanced threat prevention and detection.
Backing up is key, but if you are backing up to an external device (flash drive, external hard drive, etc.) you probably shouldn't leave it connected 100% of the time. I know a lot of people who do external drive backups just leave the drive connected. It's not 100% the case, but many times these ransomware attacks can easily infect external devices.
These ransomware attacks usually come from overseas. Even if you can track down the hacker (which is often impossible), the FBI has no jurisdiction. They can work with overseas law enforcement, but these guys often are from places like Russia, China, Iran, etc -- places that won't cooperate.
So quite a few got hit. Georgetown Med Center was one. I can only imagine what the cash settlement was.
That they are hitting smaller organizations means the big ones have wised up.
It's a real problem, this thing. Part of the cyber-security training for employees at my office includes a ransomware warning. But it's easy to get caught up in a phishing scam or something similar and boom, you're screwed.
Quote:
Too bad. If they don't chase the POS's down, they will keep doing it.
These ransomware attacks usually come from overseas. Even if you can track down the hacker (which is often impossible), the FBI has no jurisdiction. They can work with overseas law enforcement, but these guys often are from places like Russia, China, Iran, etc -- places that won't cooperate.
Above and beyond that, much of the ransomware is toolkit based, where teams sell configurable packages to other miscreants who end up creating their own variety of a basic ransomware package. The net result is very tricky to attribute to a specific group before you even get down to jurisdiction.
The only way to protect yourself is through good cyber behavior - keep your machines up to date patch wise, make sure you're running antivirus, keep your network firewalled off appropriately and try not to visit sites that obviously host malicious software or content, and never install software that you aren't 100% sure came from a legitimate source. Even if you follow all those rules, you aren't 100% safe, but you're a hell of a lot closer than you might be otherwise. Law enforcement really can't serve to do much until it becomes a local matter (e.g. cyberbullying) or there's a financial loss.