Firms pay thousands as crims lock computers and demand cash — and threat is worsening.

Kiwis are being increasingly extorted for cash by cyber-criminals who made last year New Zealand's worst for costly "ransomware" attacks.

In the most serious cases yet seen here, one business was forced to pay $11,000 and another lost $9000.

Ransomware is a type of malware that locks a computer and typically shows a warning demanding the user pay a fine to unlock the computer.

Last week, one of the most sophisticated ransomware programs ever designed surfaced in cyberspace, after a year that saw 114 Kiwis targeted.

Those who paid reported losses averaging about $700.

With the appearance of a new and improved third version of the file-encrypting program CryptoWall, and the growing targeting of vulnerable Android devices, a cyber security expert told the Herald ransomware attacks may only increase in 2015.

In one recent example, warning screens appeared in the deceptive form of a fake message from the New Zealand Police, suggesting authorities were demanding the fine for copyright infringements or downloading pornography.

Although this trap first appeared back in 2012, a new version led to a spate of complaints late last year.

Another cluster of attacks in the middle of last year was blamed on Cryptolocker, advanced ransomware that robbed victims around the world of nearly $130 million before international authorities shut it down.

"We see three main variants of it," said Chris Hails, a digital project manager with internet watchdog NetSafe. "There's one form that will lock your browser, another that will lock the machine itself, and then a third where an algorithm is used to actually encrypt the data - and there's nothing you can do but pay the ransom if you don't have up-to-date back-ups."

Attacks could mean the loss of crucial data covering years of work, or intellectual property and other business assets.

The latest version of CryptoWall would only make it tougher on victims.

After encrypting a computer's files with a tough cryptographic algorithm, it asked victims to pay an equivalent $640 in bitcoin - the transaction passing through two separate anonymous networks.

Peter Merrigan, a senior investigator at the Department of Internal Affairs' Electronic Messaging Compliance Unit, said CryptoWall 3.0 could be spread through email as an attachment, or passed on as a "drive-by download" through infected websites.

"Ransomware, such as CryptoWall, can be devastating for an individual or business."

Mr Hails feared ransomware would soon become a big problem for mobile device users, who had so far mainly been targeted in Far East countries.

Dr Giovanni Russello, an Auckland University computer science lecturer and founder of Active Mobile Security, said the number of ransomware attacks on Android devices was still minimal when compared with PC strikes.

Yet the rapidly-growing rate of attacks on Android systems - used in 85 per cent of the world's smartphones - was worrying.

"It makes sense, because it's a very popular platform and it's quite open, so there's potential to do a lot of damage," said Dr Russello.

What is ransomware?

• Ransomware is a type of malware that locks a computer and typically shows a warning demanding the user pay a fine to unlock the device.

• There have been many versions and the latest, CryptoWall 3.0, appears the most sophisticated and malicious yet.

• After encrypting a computer's files with a tough cryptographic algorithm, it asked victims to pay an equivalent $640 in bitcoin.

How to protect your computer against ransomware

• Install, update and use anti-virus software: It may not stop every threat and new emerging malware, but using anti-virus offers an extra level of protection for your devices.

• Back up Everything: It is essential that you make regular routine backups in case your computer cannot be cleaned and you need to undertake a system restore or rebuild. If data is encrypted, having your important information backed up is the best way to recover without paying the ransom.

• Update Everything: Check Microsoft Security Bulletins and ensure your systems are fully patched against known vulnerabilities. Adobe Flash and Reader "helper apps" are frequently patched as they are on so many machines.

• Health check your computer: Use NetSafe's free downloadable computer security

• Alert others to prevent more attacks: Tell colleagues, friends and family who could be impacted by a ransomware infection about the need to be prepared and avoid opening unexpected file attachments.