Warning about dangerous computer virus where hackers demand a ransom

Warning about dangerous computer virus where hackers demand a ransom

BATON ROUGE, LA (WAFB) - One of the biggest dangers to your security is not lurking on a dark street with a gun. It's hiding inside your computer, and takes just one wrong click to unleash it.

"Ransomware is identified as the number one threat right now to Louisiana," said IT consultant and cyber security specialist Henry Capello.

Ransomware is a computer virus used by hackers to take your money. Once the virus gets inside your computer or network it can freeze or encrypt all files and information. Hackers then demand money in exchange for the digital key that will unlock those files. Businesses and individuals are both at risk.

According to the Louisiana State Analytical and Fusion Exchange, there have been around 200 of these virus attacks throughout the state in the last 10 months. The Assumption Parish Sheriff's Office is just one agency that's recently handled a Ransomware case from a business in that parish.

"The business received a popup on their computer. It seemed similar to something, some software they currently run. They executed it, they noticed nothing really changed," explained Deputy Robert Martin. "Came back the next day, all the files on the computer were encrypted and there was a pop up that said if you want your files back, do this, do this and pay this amount of money otherwise your files are gone."

Martin says that business paid a $500 ransom, but he advises strongly against paying any ransom because it will likely lead to a second attack. Cyber experts say less than three percent of those hit pay the ransom, but that still nets hackers up to $300,000 a month.

"Unfortunately, these hackers, the software they use, unless you catch them before the money is paid, there's no way to catch them," said Martin.

Capello works with LSU's Stephenson Disaster Management Institute. He says preparing for a cyber-attack should be as routine as preparing for a hurricane.

"You can put all the intrusion protection systems, all the virus software you want, it's eventually going to get through. You have to have a plan, not only a backup but what happens after I get attacked," said Capello.

Capello recommends guidelines established by the National Institute of Standards and Technology or NIST. It boils down to five steps: Identify, Protect, Detect, Respond and Recover.

First, identify what information is at most risk and most valuable to the business.

Second, take steps to protect that data by making sure all antivirus software is up to date and by controlling who can access the data.

Third, learn to detect and recognize odd activity like unusual pop ups or phishing emails.

Fourth, take appropriate steps to respond to a hack. Law enforcement says many business hit by Ransomware do not report it out of embarrassment or a fear of losing customers. However, the sooner authorities are alerted, the more likely they can help control the damage. Cyber-attacks can be reported to the State Fusion Center through their See Something, Send Something program.

More information on that can be found here.

This leads to the final step, recover.

"You really need to have a good back up plan. You need to back up your data," said Capello.

Capello says it is important to always store backups of all information. If the information is especially sensitive, make sure that it is stored separate from the main computer network.

For the full NIST guidelines, click here.

The SDMI is also building a Cyber Lab where individuals or companies can get all the tools they need to protect their digital world. For more information on the SDMI click here.

For more information on Ransomware, click here.

Copyright 2015 WAFB. All rights reserved.