It’s every computer user's worst nightmare.
An image appears on the screen demanding $1000 within 48 hours or all the computer’s files will be deleted.
Treasured family photographs, crucial business documents, lifetimes of memory and hours of painstaking work held to ransom.
Such cryptolocker ransomware attacks are becoming increasingly frequent in Bendigo and around the world.
And once the documents have been encrypted, nothing but paying the ransom has any chance of retrieving them.
So what should you do to prevent the virus, what should you do in the case of an attack and how can you keep your files safe?
How to prevent a cryptolocker ransomware attack?
Viridian IT Bendigo managing director Ronnie Lowe said the virus was downloaded by clicking a link in an email that often looked legitimate and purported to be from a major business or government agency.
"Australia Post is one that catches a lot of people because it is a very legitimate looking email," he said.
"But look closely at the grammar. Often it makes sense what they are trying to type, but it has been written by someone for whom English is not their first language.
"Every one I've seen has clearly been written by someone whose first language is not English."
“Random” email addresses were also a tell-tale sign of a hacker, as well as letterheads which “just don’t look quite right”.
Finally, you should check the web address where the hyperlink will take you without clicking through, he said. Holding the mouse cursor over the hyperlink without clicking will bring up the address. If the web address in an email supposedly from Australia Post is hosted in Russia, it is probably best not to click it.
What to do in the case of an attack?
Cryptolocker ransomware can lie dormant in a computer for days and weeks after it is downloaded. If you become aware that your files are being encrypted, switch off your computer immediately, Centre Com Bendigo sales representative Eli Buchan said.
“You can remove the actual virus which starts encrypting all your files, but once the files are encrypted you can't break them,” Mr Buchan said.
“If you do get it, the only way to completely get rid of it is to completely wipe your computer and then use your back-up if you’ve got one.”
How can you keep your files safe?
“You've got to have a back-up, that is the only way to solve it, or you'll have to pay them money,” Mr Lowe said.
For home computer use, that might be as simple as an external hard drive. For a business or institution, however, that becomes increasingly sophisticated.
"We had a client with three servers go down this morning,” Mr Lowe said.
“Someone opened a dodgy email from AMEX and it corrupted three servers completely, they lost somewhere in the vicinity of 900 gig worth of data.
“Twenty minutes, servers restored, problem solved, because they had a back-up, completely virtualized infrastructure.”