The Regina Police Service would like to advise the public of a computer virus that has attacked local businesses in recent months.
The type of virus, commonly called “ransomware”, works by encrypting files on the user’s computer system and then holding them hostage until the user pays a fee to have the files decrypted. This is not a new type of computer attack but has become more prevalent globally in the last few years. The virus is usually installed unknowingly by the user. Examples of how this can occur include visiting a compromised website while using the internet or opening a link or attachment from a unknown email address.
Once the virus is installed, a message will usually appear on the monitor advising that the computer has been infected and the user will have to contact an email address for instruction on how to restore the infected files. The perpetrators of the attack will then direct the user to pay a ransom to have the computer files restored. Once the ransom is paid a decryption key is provided to the user to unlock the computer system and/or files.
In the attacks recently reported to the Regina Police Service, the user has been directed to pay the ransom in the form of cryptocurrency called “bitcoin” however other payment methods such as iTunes cards or Amazon gift cards are also common.
The Regina Police Service does not support “paying” the ransom in these types of incidents as there is no guarantee that perpetrators will provide any means to unlock the infected computer system. There is also no guarantee that the infected computer system or files will not be corrupted or damaged after they have been decrypted.
The ransoms in these types of attacks can vary in value from hundreds to hundreds of thousands of dollars. In addition to the potential money value being lost to pay the ransom, victims of this type of attack also face the monetary cost of replacing computer systems and loss of revenue if the business is unable to operate due to an infected computer system.
The Regina Police Service strongly advises the local business community and general public to be proactive in maintaining a high level of cyber security. Regularly backup your computer system and update malware and anti-virus software. Also, be vigilant when using the internet and be cautious of opening email from unknown senders.