Beware of ransomware cyber attack in SA
As European authorities reel from a mass ransomware cyber attack that also infected Britain’s National Health Service (NHS), local cyber experts say South African companies and government departments must brace themselves.
Pieter Erasmus, an IT security strategist, warned: “Once the data on a PC has been encrypted by the malware, the only way to unlock it is to pay the ransom, however odious that may be.”
He said the cost to unlock a computer ranged between R4000 and R8000.
There was, however, no quick fix to the problem.
“It would be a relatively simple matter to alter the code of the malware to circumvent the temporary solution that has been found to stop the current attack,” he said.
According to the BBC, 48 NHS trusts reported problems at hospitals, GP surgeries and pharmacies. Thirteen NHS organisations in Scotland were also affected by the malware.
And it was not only Britain that was affected: 200000 people in 150 countries around the world were also hit by the attack, the BBC said.
The malware can be described as a Trojan horse that is embedded within a hyperlink, advert or webpage that one opens which gives the virus an opening to infiltrate and take over your computer.
Once it is in, it encrypts or locks files in your computer, with the attackers being the only people able to open it. According to local IT researcher Arthur Goldstuck, the malware was already in the country and South Africans were just as susceptible to being attacked.
A huge problem was that businesses did not want to admit that they were being held ransom by such attacks.
Government departments also needed to back up their data, he said.
Previous attacks targeted individuals and a few businesses, while this one is a widespread ransomware attack that has hit businesses globally.
Businesses affected by the malware also had to take responsibility.
“Anyone forced to pay the ransom is guilty of dereliction of duty,” Goldstuck said.
Businesses and the public are supposed to constantly update their computers with the latest patches and software updates.
According to Kaspersky Lab, an anti-virus and cyber-security company, the ransomware exploits a vulnerability in Microsoft Windows.
Paying the ransom was not a good idea as it did not guarantee the hackers would hold up their end of the bargain and decrypt the files that had been locked, Goldstuck said.
In fact, paying the ransom could have the opposite effect, making the criminals demand more money from their victims.
For individuals, Goldstuck said: “You cannot delay software updates to save data. You will be saving something small and risking something big.”
One of the best ways to protect your computer from attack was to make sure you had backups, Goldstuck said.
Cyber security expert Dr Aleksandar Valjarevic said the best way to prevent cyber attacks was to update software.
“The most important thing is to install all the updates that are sent to users, not just on operating systems but for all software being used.”
He advised people not to open e-mails that looked suspicious and to be aware that anti-virus and firewalls did not give full protection.
“Make sure the data backup system is in place and that the recovery plan is in place so that even if you become a victim of a ransomware attack, you are able to control the situation and restore your data,” Valjarevic advised.