Malicious software attack - police warning

Police warn of recent increase in cybercrime attacks.
Police warn of recent increase in cybercrime attacks.

Police Scotland is warning computer users to ensure their devices have the latest security software installed, following an increase in malicious attacks.

Every computer user is vulnerable to the malware, and Scotland has been targeted because of the high number of small to medium sized enterprises which operate here, and which often do not have the IT resources of larger companies.

Computers can be attacked in a number of ways, such as by opening a malicious attachment hidden in an an email, clicking on a malicious link in a social media message or by visiting a website which has been corrupted, often unknown to the website’s host. Inserting a corrupted USB device, such as a mobile phone, memory stick, external hard drive of a music player.

The ‘ransomware’ attack encrypts the data and disables all functionality, then tells the computer user they have to pay a substantial sum to be able to use their computer device again, but even if they do, there is no guarantee this will work, and they can also become vulnerable to repeat attacks.

Detective Chief Inspector Willie Cravens, Operational Lead for Police Scotland’s Cybercrime Unit, said: “This is a sophisticated attack which, in most cases, virtually destroy a computer and could cost the victim hundreds of pounds to replace.

“There is no guarantee they will be able to get back into their machine, and even if they do, would have to completely wipe the hard disk and start from scratch.

“Paying the ‘ransom’ – often several hundred pounds – to ‘unlock’ the computer does not solve the problem because there is no guarantee the fraudsters will do this, and it also makes the victim vulnerable to repeat attacks.”

In order to prevent people becoming victims, Police Scotland is advising every computer user to ensure they are running the latest versions of security software; have their data backed up regularly to cloud services or devices not connected to their computer and to be extremely vigilant about opening any unsolicited email communication.