Translation of award-winners and finalists
The source text is here
Victims of “Ransomware” Around the World
There is a new type of computer virus menacing people around the world. This virus makes pictures and other files on your desktop or laptop computers unreadable, then demands money in order to fix the problem. Because the virus threatens the victim with loss of property unless payment is received, this type of cyber-attack is called “ransomware.”
If your computer is infected, do you have to pay the ransom?
There are reports of victims’ computers being returned to normal after they paid the ransom. However, there are also reports saying that the computer was not fixed. Because there are people who pay the ransom, criminal organizations continue to spread this virus and make a business out of it. Taking this into consideration, paying the ransom actually promotes the crime. Moreover, it can lead to financial ruin, so experts say that is better not to pay. Unfortunately, if you get ransomware, you should give up on regaining your data.
Ransomware is used by cyber-criminal groups that used to sell fake security software. They were unable to make a profit on the software, so they switched to a more vicious option: ransomware. Some people have been arrested on charges of threatening people in this way for money, but since victims continue to emerge, it seems that other groups are also using ransomware.
According to Canon IT Solutions, a company that distributes security software, in Japan, there were 200,000 domestic emails that contained ransomware attachments in March 2016. It seems likely that these ransom-style viruses will continue to spread, so they advise everyone to be careful not to open attachments in suspicious emails.
Victims of ransomware viruses include municipalities, hospitals and schools. One such victim was the Machida City Hall in Tokyo. In December of last year, four employees received blank emails with no subject line. One of these employees opened the email attachment on an office computer, which was infected by the virus. The virus made stored files unreadable, and it infected not just the employee’s computer, but the server it was connected to. It encrypted server data for the employee’s entire office. The data became unusable. Machida Town Office had backed up its data, so they were able to restore the files, but the virus did interfere with some office business. On Twitter, “Infected!” tweets are quite common. However, this does not mean that information was leaked, so many companies do not publicize it.
How to avoid becoming a victim of ransomware
The most important thing is to take steps to avoid getting a computer virus. Ransomware can be included in email attachment files. The number of fake emails that appear to be from companies are increasing. These are hard to distinguish from real emails. To avoid infection, it is best to avoid opening emails that have unexpected attachments or are from people you do not know.
It is also possible to contract a computer virus while browsing the internet, even on official company websites, travel sites or online shopping sites that you visit regularly. Those sites can be falsified in order to spread viruses. Trend Micro, a security company, reported that in October 2015, 70 domestic websites were falsified and used to spread ransomware.
Of course, it is also vital to use the most recent virus protection software.
“Ransomware” Attacks Spreading Worldwide
A new type of computer virus that invades computers, renders files such as pictures within one’s computer unreadable by encryption, then demands an amount of money to unlock them, are claiming victims at an alarming rate around the world. Because the victim is asked for an amount of money to be paid as “ransom” to unlock their files again, this type of cyber-attack has become known as “ransomware.”
Should I pay the ransom to get my files back?
While there have been some reports of cases where the attacker did unlock the encrypted files after receiving the ransom money, some victims have also reported cases of the attacker not unlocking their files even after their ransom money was sent. Furthermore, because some people do decide to pay the ransom, some criminal groups spread these types of viruses to fund their businesses and activities. With this in mind, experts advise against paying ransom to attackers. Doing so ends up propagating criminal activities and will also bring financial losses to its victims. Unfortunately, this does mean giving up on recovering files that have been encrypted by the virus.
It is now known that ransomware has been included within counterfeit anti-virus software sold by certain organized cybercrime groups. Due to a decline in profits from selling counterfeit software, these organizations are switching to more aggressive and malicious methods of making money.
Some people from these groups have been arrested on the grounds of financial extortion for spreading ransomware, but as the number of ransomware cyber-attacks has not significantly decreased, it can be assumed that other groups spreading ransomware do exist.
According to Canon IT Solutions, a company providing information security services, by March 2016 there were an estimated 200,000 emails sent domestically in Japan containing ransomware in their attachments. It is apparent that ransomware viruses will spread even more in Japan in the future. Thus, Canon IT Solutions is advising computer users to exercise extreme caution when opening attachments from suspicious emails.
Municipal government offices, hospitals and schools have also reported being attacked by ransomware. Among these attacks was one on the Machida City Municipal Office in Tokyo last December. Four workers there received blank emails with no subject lines. When one of those four workers opened the file attached to the email, their computer became infected with the virus.
Ransomware viruses do not only infect computers, but can also affect data memory and any servers the infected computers are connected to. The Machida City Municipal Office had been regularly backing-up their files, so they were able to recover them. However, the attack did negatively affect some areas of their work.
There are many claims on Twitter from users reporting that their computers have “gotten infected,” but they usually are not successful in passing on information, and many companies are reluctant to publically announce such attacks on their systems.
How to protect your computer from ransomware:
First and foremost, protect your computer from getting infected by viruses. Ransomware is sometimes sent hidden in email attachments. Lately, the increasing amount of counterfeit emails posing as real existing companies makes it hard to discern whether an email is legitimate or not. Never open attachments from emails that you are unfamiliar with.
There are also cases in which the virus infects computers from other websites. Computers have gotten infected from users visiting commonly used websites such as official company home pages, travel websites, and online shopping websites. Unknowingly to these users, websites often visited have sometimes been tampered with and made to spread viruses. Trend Micro, a security company, reported that by October 2015, over 70 company websites in Japan had been tampered with and made to spread ransomware in some way.
It is, of course, also important to keep your anti-virus software up to date.
Ransomware: A Threat Worldwide
A new type of computer virus has been wreaking havoc around the globe – one that prevents users from accessing photos, documents, or other files from their computer and demands a cash payment in order to be removed. As the primary goal of attacks using these viruses is to extort money from users, the viruses themselves have been dubbed “ransomware”.
Is Paying the Only Way Out of Infection?
Some users reported that paying the fee returned their computers to normal, but reports of unsuccessful payments have been far from uncommon. In fact, certain criminal organizations have made a business out of spreading these viruses, since so many users end up paying out of desperation to rid their systems of the damages. For this reason, experts recommend avoiding payment; not only is paying the desired goal of the crime, but the fact that it is done willingly makes it difficult to press charges. Unfortunately, however, refusing to pay also means giving up on any hopes that the corrupted data on the affected system can be recovered.
Ransomware’s more “direct” methods of acquiring cash have also appealed to cyber-criminal groups that formerly used the slower approach of selling fake security software. But while some of these individuals have been arrested on charges of extortion through these viruses, the overall number of ransomware cases remains relatively stable, implying that these attacks are not limited to a single source.
According to a report from the infosec provider Canon IT Solutions, as of March 2016, there have been nearly 200 thousand emails with ransomware attachments sent within Japan alone. As there are signs that ransomware continues to spread even now, the company suggests taking extra caution not to open any suspicious emails or attachments.
The effects of ransomware viruses have even spread to local government offices, hospitals, and schools. Last December, four employees of Machida City Hall, Tokyo received emails without content or subject lines; one of these employees opened the message on their computer, infecting it with a virus. But this virus was designed to render not only the computer, but any connected servers and media records inaccessible, causing the server data of the employee’s entire department to be forcefully encrypted. In this specific instance, the city hall was able to restore the lost data from a backup, but the impact of the virus on other such businesses cannot be denied. Users tweeting about ransomware infection are a common sight, but the lack of other leaked information suggests that many companies may not publicly announce when they have been infected themselves.
Keeping Your Computer Safe from Ransomware
Above all, the most surefire method of keeping a computer safe from ransomware damage is to avoid infection. Some forms of ransomware are transmitted via email attachments, and the number of well-disguised emails, many of which appear to be sent from a secure source like a business, is on the rise. For this reason, when receiving emails from unknown sources, it is safest not to open any attachments.
Other cases of infection have resulted from browsing commonly visited and normally harmless websites, such as business home pages, travel sites, or online stores – the sites spreading these viruses have been altered to do so without the owners’ knowledge. According to the IT security company Trend Micro, as of October 2015, around 70 Japanese websites have been reengineered to disseminate ransomware in this way.
Of course, keeping up to date with antivirus software is just as important as taking caution with emails and internet browsing.
Ransomware: wreaking havoc worldwide
A new type of computer virus is wreaking havoc around the world: it prevents computer users from accessing the files, including photo files, on their computers and demands money for access to be restored. This type of cyberattack is known as ‘ransomware’ since it is made with the goal of collecting ransom payments.
What to do once infected
Although some victims reported that computer access was restored after a ransom payment was made, others were not so lucky. Criminal organizations have been distributing the virus as a business for making money because they are able to collect ransom payments from some victims. As such, specialists in the field advise victims not to pay the ransom because it causes monetary loss in addition to the fostering of criminal activities. Although it may be difficult, victims should just accept that the data are lost and move on.
Ransomware is being used by cybercrime groups that sell counterfeit security software as a more aggressive way to make money because the distribution of counterfeit software is no longer profitable. The occurrence of ransomware attacks has not decreased despite the arrest of some people on ransomware-related extortion charges, suggesting the existence of additional groups that use ransomware to extort money from victims.
According to information security service provider Canon IT Solutions Inc., approximately 200,000 emails containing ransomware attachments were sent within Japan in March of 2016 alone. The company expects the number of ransomware attacks to increase in Japan, and strongly advises computer users not to open any suspicious email attachments.
Ransomware has affected many organizations, including municipal governments, hospitals, and schools. For example, a computer at Machida City Hall in Tokyo was infected in December of 2015 when one of the four workers who received a suspicious email containing no text opened the infected attachment. Not only did the virus infect the computer, it went on to encrypt data on the departmental server, blocking access to information on connected servers and storage media. Luckily, the data had been backed up and could be restored, but not until the virus had already interfered with City Hall operations.
Tweets such as “We got infected!” are not uncommon on Twitter, but victims of ransomware attacks do not always tell others when they get infected. In fact, many businesses do not publicly release such information unless there had been a data leak.
Protecting your computer
The best protection is to avoid infection. Ransomware is spread via attachments in emails, so it is important not to open any attachments other than those from trusted sources. Extra caution is needed as fake emails coming from seemingly legitimate companies are becoming increasingly frequent and difficult to distinguish.
It is also possible to become infected just by surfing on the web, including on commonly visited websites such as official company homepages, travel sites, and shopping sites. Sometimes, websites are unknowingly hacked into and altered to spread viruses. IT security company Trend Micro Inc. announced that in October of 2015, approximately 70 websites in Japan were hacked into and altered to spread ransomware.
Last but not least, it is always important to use the most up-to-date virus protection software.
A Cyber Attack Without Borders: Ransomware
All of a sudden, you find yourself unable to open the pictures and other files on your computer. A message pops up that says to get your files back, you have to pay up. If this happened to you, you were a victim of “ransomware,” a new type of computer virus spreading like wildfire all around the world. This type of cyber attack gets its name from the monetary payment it demands from its victims.
Should you pay the ransom?
While some victims report that their files were restored after sending the payment, others report that theirs were not. And because there are people willing to pay to get their files back, criminal organizations are making a business out of spreading these viruses around. Essentially, paying to restore your files means you are not only out the money, but you are also encouraging this kind of criminal activity. For this reason, experts advise against paying the ransom. This does, unfortunately, mean giving up the hope of recovering your data.
Some sources claim that ransomware is being spread by a cybercrime organization that used to peddle fake antivirus software. As the rogue software became less profitable, this group turned to a more malicious money-making scheme in the form of ransomware. Although some individuals have been apprehended and arrested for extorting money this way, these cyber attacks continue to run rampant, suggesting that there are other groups out there responsible for spreading ransomware.
Canon IT Solutions, a company that provides information security services, estimates that in March 2016, Japanese email addresses were the targets of 200,000 emails containing ransomware attachments. As this number is expected to increase in the future, they urge caution, advising everyone to never open suspicious attachments.
Even local governments, hospitals, and schools are not immune from this type of computer virus. Machida City Hall in Tokyo fell victim to such an attack in December of last year. Four staff members received an email with no subject or message, and when one of them opened the attached file, a city hall computer became infected with a virus. This virus was programmed to spread to all connected servers and data media and remove access to files. It encrypted all the data in the servers within the department the infected computer belonged to, blocking access to those files. Machida City Hall had made backups of its data, so they were able to restore all the files. However, the incident interfered with some city hall operations until it was resolved. Browsing Twitter will reveal countless tweets kvetching about ransomware infections, but this is merely the tip of the iceberg, as it is likely that many ransomware infections of businesses and other organizations go unreported.
How to protect yourself from ransomware
The best solution is to avoid getting infected with computer viruses. Ransomware often comes in the form of an email attachment. A growing tactic among cyber criminals is to disguise these emails, making them difficult to distinguish from legitimate emails sent by real businesses. Be sure to never open any email attachments unless you recognize the sender and the message.
Your computer can also be infected with ransomware from browsing the Internet, just by navigating to seemingly innocuous websites like business home pages or travel or shopping sites, even ones you have safely visited in the past. Cyber criminals can create rogue versions of these pages designed to spread viruses to unsuspecting visitors. The security company Trend Micro reported that in October 2015, there were 70 cases of websites in Japan being forged to spread ransomware.
And of course, ensuring you have the latest antivirus software is also essential.