POLOKWANE – Const. Joseph Ngwanga told Review that he recently received phone calls from his parents, informing him that he was sharing porn on his Facebook page. He later discovered that his account was hacked from his phone by means of an e-mail that he opened. This e-mail downloaded a link to a porn site, posting videos on his behalf. A local doctor who did not want to be named said all her banking details were hacked and money was withdrawn from her bank account. According to a IT expert in the city the problem with ransomware is that it’s send in different ways to different devices. Ransomware infects an operation system and the device is unable to re-boot. It will also download files that will attach to different files on the device. These files then have a timer that starts deleting the files or encrypting them, corrupting the operating system.
Internet Technology expert Martin Grobler told Review that some of these ransomware or malware can also give a hacker access to files on social media or even files use for online banking, leading to theft.
A Legal wise representative, Joyce Rabohale told Review that especially phones are infected by the downloads.
She gave some tips to help prevent this from happening:
- Develop a back-up and recovery plan. Back-up your systems regularly, and store the back-up offline on a separate device.
- Use professional e-mails and web security tools that analyse e-mails and attachments, and can block potentially compromised advertisements and social media sites that have no business relevance. These tools should include sandbox functionality, new or unrecognised files can be executed and analysed in a safe environment.
- Keep your operating systems, devices, and software patched and updated.
- Make sure that your device and network antivirus, IPS, and antimalware tools are running the latest updates.
- Where possible, use application white listing, which prevents unauthorised applications to be downloaded or run.
- Segment your network into security zones, so that an infection in one area cannot easily spread to another.
- Establish and enforce permission and privilege, so that the fewest number of users have the potential to infect business-critical applications, data, or services.
- Establish and enforce a BYOD [Bring your own device] security policy which can inspect and block devices which do not meet your standards for security (no client or antimalware installed, antivirus files are out of date, operating systems need critical patches).
Residents who find themselves a victim of these crimes must report the mater to the local police station as well as their service or banking provider as soon as possible.
