gearhead (Mike) (KF7OGY), 05-15-2017
Ransomware question
With all of the ransomware attacks recently, I am trying to figure out how it spreads. I know that phishing emails are one way, but my question is if ransomware (or malware in general?) can come over the internet through my ISP and infect my computer in the middle of the night with no action on my part?

Thanks in advance!
lofreqjeff (Jeff & Katie), 05-15-2017
Re: Ransomware question
Originally Posted by gearhead:
With all of the ransomware attacks recently, I am trying to figure out how it spreads. I know that phishing emails are one way, but my question is if ransomware (or malware in general?) can come over the internet through my ISP and infect my computer in the middle of the night with no action on my part?

Thanks in advance!
I have been working for LifeLock the past year, which was recently purchased by Symantec - the parent company of Norton Anti-virus. We had a company-wide meeting this morning to discuss the WannaCry ransomware attack.

Here is an excerpt from the Norton website about Ransomware, what it is, how it works and what you can do to protect yourself:

The latest spin on a ransom note isn’t composed of letters clipped out of a newspaper. Increasingly, criminals are unleashing brash attacks on your PC and its data through a type of malicious software called ransomware.
It’s exasperating enough when your computer is sluggish because of a virus, but what if the virus installs embarrassing pornography on your screen or encrypts your data so you can’t read it? Ransomware attacks often use these tactics to demand you pay a ransom to remove the pornography or to access your files.

Ransomware on the rise
“There’s more and more documented evidence that this is going on,” says Ori Eisen, founder and chief innovation officer of fraud prevention company 41st Parameter. “It’s more prevalent in the United Kingdom, which is sort of a staging or testing ground. It’s starting there and getting more momentum.”

The FBI recently issued an alert about the broader category of rogueware, which includes ransomware and fake antivirus scareware scams. According to the FBI, criminals are netting an estimated $150 million a year through these scams. “Ransomware is actually scarier” than the scareware scams, says Robert Siciliano, a Boston-based identity theft expert. “There’s nothing worse in the field of technology than having a criminal in control of your network. When a ransomware attack occurs, it can easily elevate from a potential data loss to potential identity theft to a data breach in the form of extortion.”

How ransomware works
These aggressive assaults begin in a similar manner to scareware. You’re duped into clicking on an infected popup advertisement or you visit an infected website. However, instead of just trying to trick you into buying fake antivirus software, the bad guys hold your computer hostage and attempt to extort payment.
In some instances, ads for pornographic websites appear on your screen each time you try to click on a Web page. The ads cover a portion of the page you’re trying to view. “Just imagine you’re sitting at work and that happens to you,” says Eisen. One ransomware attack puts time pressure on the victim, stating that a piece of your data will be destroyed every 30 minutes if you don’t pay up. Another attack attempts to force you to purchase a program to de-encrypt your data.
The criminals often ask for a nominal payment, figuring you’ll be more likely to pay to avoid the hassle and heartache of dealing with the virus. They may ask for as little as $10 to be wired through Western Union, paid through a premium text message or sent through a form of online cash.

Protect yourself from ransomware
As with other attacks, you can work to avoid ransomware. Experts advise taking these steps to avoid attacks or protect yourself after an attack:

Use reputable antivirus software and a firewall. Maintaining a strong firewall and keeping your security software up to date are critical. It’s important to use antivirus software from a reputable company because of all the fake software out there.

Back up often. If you back up files to either an external hard drive or to an online backup service, you diminish the threat, says Eisen. “If you back up your information, you should not be afraid to just turn off your computer and start over with a new install if you come under attack.” Eisen backs up his data regularly, so every six months, he simply restores his computer’s system to default and starts afresh. “I would highly recommend it,” he says.

Enable your popup blocker. Popups are a prime tactic used by the bad guys, so simply avoid even accidentally clicking on an infected popup. If a popup appears, click on the X in the right-hand corner. The buttons within a popup might have been reprogrammed by the criminals, so do not click on them.

Exercise caution. Don’t click on links inside emails, and avoid suspicious websites. If your PC does come under attack, use another computer to research details about the type of attack. But be aware that the bad guys are devious enough to create fake sites, perhaps touting their own fake antivirus software or their de-encryption program.

Disconnect from the Internet. If you receive a ransomware note, disconnect from the Internet so your personal data isn’t transmitted back to the criminals, says Eisen. He recommends simply shutting down the computer. If you have backed up your data, you can re-install software. If you don’t feel comfortable doing so or you are unable to start fresh, you may need to take your computer to a reputable repair shop, says Eisen.

Alert authorities. Ransomware is a serious form of extortion. “Local police are probably not equipped to deal with this,” explains Siciliano. “However, the local FBI would want to know about it.”
Don’t be tempted to give in and pay the ransom, warns Siciliano. “Paying them would be a mistake because they will further extort you and most likely not release your information.” Taking precautions to protect your information and maintaining vigilance are the best solutions to avoid becoming a victim in the first place.

There is a ton more info on our website if you're interested in online security threats, what they are, how they work and what to do if you get infected:

defectivemonk, 05-15-2017
Re: Ransomware question
Most ransomware requires some action from you, like opening an email attachment or downloading something from a shady website. The recent incident with WannaCry spreads using a defect in Windows that was discovered by the NSA and stolen and repurposed by clever criminals. You can improve your security by enabling Windows firewall, enabling automatic updates and using one (or more) antivirus apps. I say "or more" because they don't all detect everything. Make sure you make regular backups and know how to restore them (Backblaze is good).
scottL, 05-16-2017
Re: Ransomware question
The worm is primarily impacting business, where it can spread quickly through a network to take down an entire company. Businesses take longer to install critical updates and patches, often to avoid impacting any legacy software they are running. But individuals with PCs running Windows should still take a few precautions. First, install any software updates immediately and make it a regular habit. Turn on auto-updaters where available (Microsoft offers that option). Microsoft also recommends running its free anti-virus software for Windows.

If you don't already have a backup routine, start now and regularly save copies of all your files. That way if your machine gets infected and your photos and documents are encrypted, you don't need to worry about losing them.
Finally, always stay alert. Don't click on links that you don't recognize, or download files from people you don't know personally.

It's not just your computer that you need to be worried about. This attack has impacted many large services and organizations, including hospitals in England, a telecom and natural gas company in Spain, and FedEx. Basic services that impact your life could be impacted even if your own machine is clean.