警聲


Recently, a new smartphone model has been selling like hot cakes in town. Winnie is a loyal fan of the brand and was determined to get one. One day, she found an online shop that claimed to have the latest stock of that model. She trusted the shop and placed a few orders without any hesitation.
 
Several hours later, Winnie received a confirmation email with an attachment (alleged to be the formal invoice). She clicked on the hyperlink, which directed her to the delivery. The next day, Winnie switched on her computer again, but a red window suddenly popped up showing a countdown, with messages alerting her that all her computer files had been locked and that she had to pay a ransom to retrieve them. Winnie realised she had been deceived and asked her friend, Michael, for help.
 
Michael is an information security professional, and he told Winnie that her computer had been attacked by ransomware called “CryptoLocker”. As suggested by Michael, Winnie made a report to the police.
 
“CryptoLocker” is a kind of ransomware known for the damage it causes by encrypting files on infected local or networked computers without the victim's knowledge. Ransom messages are shown on the screens of the victimized computers, and the damage is difficult to rectify because of the complicated encryption mechanism. The modus operandi differs from traditional practices: hackers request payment in “Bitcoin” (BTC) for the purchase of the decryption key.
 
According to ZDNet, a total of 41 928 BTC, worth approximately US$27 million (HK$210 million), were stolen in the last quarter of 2013. Email phishing, spoofing and social engineering are the most common attack vehicles or tools employed by hackers, and this ransomware is usually hidden inside these kinds of email attachments as a Trojan.
 
As professional police officers in the new era with a good sense of information security, we should regularly back up important computer files to secured removable data storage devices and follow the security advice below at home and in the office.
 
* DO NOT open unverified email attachments, especially in compressed or executable format.
 
* DO NOT click on any unsolicited hyperlink in the email.
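
The first piece of advice can also be enforced automatically at the mail gateway or mailbox. The Python sketch below is an added example, not part of the original article: it flags attachments in executable or compressed format and lists the contents of a zip without extracting it, so an executable dressed up as an invoice is caught. The extension lists, function names and the sample message are assumptions constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Illustrative extension lists (assumptions, not an exhaustive policy).
EXECUTABLE = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".vbs", ".pif"}
COMPRESSED = {".zip", ".rar", ".7z", ".gz"}

def ext(name):
    """Lower-cased final extension, so 'invoice.pdf.exe' yields '.exe'."""
    name = name.lower().rstrip(". ")
    return "." + name.rsplit(".", 1)[1] if "." in name else ""

def triage_attachments(raw_message):
    """Return (filename, reason) pairs for attachments in risky formats."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        if ext(name) in EXECUTABLE:
            findings.append((name, "executable attachment"))
        elif ext(name) in COMPRESSED:
            findings.append((name, "compressed attachment"))
        if ext(name) == ".zip":  # look inside without extracting anything
            try:
                with zipfile.ZipFile(io.BytesIO(part.get_payload(decode=True))) as zf:
                    hidden = [m for m in zf.namelist() if ext(m) in EXECUTABLE]
            except zipfile.BadZipFile:
                hidden = ["(unreadable archive)"]
            findings += [(name, "archive contains: " + m) for m in hidden]
    return findings

def build_sample():
    """Constructed sample message; the 'executable' is harmless dummy bytes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.pdf.exe", b"dummy bytes, not a program")
    msg = EmailMessage()
    msg["From"], msg["To"] = "sales@shop.example", "winnie@mail.example"
    msg["Subject"] = "Order confirmation"
    msg.set_content("Please find your invoice attached.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="invoice.zip")
    msg.add_attachment("delivery notes", filename="notes.txt")
    return msg.as_bytes()

if __name__ == "__main__":
    for name, reason in triage_attachments(build_sample()):
        print(f"{name}: {reason}")
```

Flagged messages are best quarantined for verification with the sender through a separate channel rather than opened.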