Ransomware continues to make the news in New Zealand for all the wrong reasons. This is because internet users and business owners face the choice of losing access to essential data and devices or paying out ransom demands to criminals when an infection strikes.

Ransomware is spread via traditional malicious email attachments, by ‘drive-by download’ where a website is serving malware or via ‘malvertising’ where online adverts are designed to infect visitor devices.

Ransomware comes in many forms and has been growing in magnitude over the last few years. There are three main forms:

  1. Browser locking ransomware which prevents a user from closing their browser;
  2. Android ransomware;
  3. File encrypting ransomware which scrambles data and usually demands a payment to obtain a unique decryption key.

Why is ransomware so common?

There are several reasons why ransomware continues to infect personal devices and hurt businesses:

  • Failure to adequately prepare and focus on online security;
  • A reliance on old or outdated hardware and software with known vulnerabilities;
  • The volume of spam messages delivering nasty attachments and directing recipients to click on malicious links is rising; and
  • Constantly evolving social engineering techniques designed to trick users into installing malicious apps on mobile devices or opening suspect files that trigger an infection.

Prevention is key

When it comes to preparing for a ransomware infection, there are several quick and easy actions home internet users and small business operators can take:

  • Apply security patches on applications and operating systems on every connected device;
  • Install, run and keep updated good quality anti-virus or anti-malware software;
  • Limit the number of users with administrative privileges and whitelist applications that are allowed to run;
  • Use two-factor or multi-factor authentication for critical systems; and
  • Use unique strong passwords or passphrases to protect essential accounts.

More information

  • Contact NetSafe if you’d like further advice on 0508 NETSAFE
  • Report a ransomware incident to Netsafe