Date
25 March 2017
Chung Wai-lun and Rachel Hui Yee-wai of Hong Kong police's cyber-security cell say ransomware has emerged as a key threat in the online world. Photo: HKEJ, Internet
Chung Wai-lun and Rachel Hui Yee-wai of Hong Kong police's cyber-security cell say ransomware has emerged as a key threat in the online world. Photo: HKEJ, Internet

Police list ransomware as top cyber-security threat

Hong Kong authorities have urged computer users to remain vigilant against “ransomware”, identifying online extortion tools as a top threat to cyber security.

The police’s Cyber Security and Technology Crime Bureau (CSTCB) warned there are no effective solutions at the moment to some of the online threats, the Hong Kong Economic Journal reported.

Computer users should be careful of emails from unknown sources to prevent themselves from being attacked, and they should save backup files offline periodically to minimize the impact in case of attacks, the bureau said.

Ransomware is a type of malware that can be installed on a computer without knowledge of the user and restricts access to the infected computer system until the user pays a ransom to have the restriction removed.

A recent study by an online information security firm showed that there were 21 ransomware attacks on average a day in 2015.  

The police believe the actual number could be far more, and identified “Jigsaw” and “Locky” as the two most dangerous cyber blackmail malware.

According to CSTCB senior inspector Rachel Hui Yee-wai, all of the document files affected by Jigsaw would be encrypted and cannot be opened. An image of Billy the Puppet as seen in the horror film series “Saw” would appear on the computer screen.

The attacker says in a blackmail message that ransom must be paid before a deadline or all of the encrypted files will be deleted, Hui said, adding that a decryption key can only have limited effect.

As for Locky, which attacks a computer through Microsoft Word files sent by email, there is no effective way to decrypt it yet, the police admitted.

The Locky malware encrypts files on the victims’ computers and renames all of them with a “.locky” file extension. Victims would be asked to pay up the ransom in bitcoins to get the decryption key, or else they would lose the files.

Hui said dozens of reports on attacks by Locky have been received so far, mainly from small and medium enterprises, non-government organizations and educational institutions.

Chung Wai-lun, a senior officer of the bureau, urged computer users who are attacked by ransomware not to pay the demanded ransom, which can vary from several hundred US dollars to over a thousand.

Affected people should turn off their computers and all peripherals immediately, Chung said.

The police and Hong Kong Applied Science and Technology Research Institute (ASTRI) will jointly host a Cyber Security Summit during May 16-18 to offers insights on the latest issues and trends in cyber security.

The goal is help commercial enterprises, especially those in the financial and banking fields, to understand ransomware better.

– Contact us at [email protected]

TL/DY/RC

EJI Weekly Newsletter

Please click here to unsubscribe