Payments networks — whether Swift or the latest peer-to-peer money transfer app — are only as trustworthy as their weakest link. Even if data are encrypted in transit, each bank or individual on a network must be able to reliably prove who they are — and authentication in payments still has a way to go.
What happens when a computer is infected with the malicious software, and what should you do to protect your files?
Cryptolocker is back in the headlines, thanks to a coordinated effort to take down the computers and criminals that run the notorious “ransomware”. But what is it? And how can you fight it?
Cryptolocker is ransomware: malicious software which holds your files to ransom
The software is typically spread through infected attachments to emails, or as a secondary infection on computers which are already affected by viruses which offer a back door for further attacks.
When a computer is infected, it contacts a central server for the information it needs to activate, and then begins encrypting files on the infected computer with that information. Once all the files are encrypted, it posts a message asking for payment to decrypt the files – and threatens to destroy the information if it doesn’t get paid.
The authorities have won users a two-week window of safety
The National Crime Agency (NCA) announced yesterday that the UK public has got a “unique, two-week opportunity to rid and safeguard” themselves from Cryptolocker. The agency didn’t go into more detail, but it seems likely that at least one of the central servers which Cryptolocker speaks to before encrypting files has been taken down.
The NCA has also taken down the control system for a related piece of software, known as GameOver Zeus, which provides criminals with a backdoor into users’ computers. That back door is one of the ways a computer can be infected with Cryptolocker in the first place.
What that means is, until the window is closed – and the virus cycles to new servers – users who are infected with Cryptolocker won’t lose their files to encryption. As a result, these users have the chance to remove the virus before it destroys data, using conventional anti-virus software. In other words, there has never been a better time to update the protection on your computer.
But watch out – while the servers that control Cryptolocker are out of action, it’s possible to be infected with it and not know. If you don’t keep your computer clean, then at the end of the two-week period, you could be in for a nasty surprise.