Go to Contents Go to Navigation

Ransomware hitting S. Korean computers more often: data

All News 10:41 June 11, 2016

SEOUL, June 11 (Yonhap) -- The number of personal computers that have been attacked by ransomware programs in South Korea soared in the first quarter from a year earlier, data showed Saturday, casting concerns among local Internet users.

According to the data compiled by online security firm Hauri Inc., the total number of different types of ransomware distributed in South Korea through websites came to 963 in the January-March period, soaring from 56 posted a year earlier.

Ransomware refers to a type of malicious software that bans access to the files saved on a computer until the victims pay a certain amount of money, usually processed through bitcoins, a kind of virtual money exchangeable online.

Industry sources said the latest types of ransomware suspend access to the computer entirely, with some even demanding payment in the Korean language, adding that such malicious software is being improved quickly.

While ransomware initially spread through files and links attached to e-mails, industry sources said it now has expanded to spreading through operating systems, applications, and banner advertisements.

South Korea's Ransomware Computer Emergency Response Team Coordination Center said the total amount of damages inflicted by ransomware in the country came to 109 billion won (US$93.4 million) last year.

Currently, it is almost impossible to retrieve data infected by ransomware. A computer is also vulnerable to being infected by other PCs connected through corporate networks.

All key programs, including anti-virus vaccines, will be suspended once a computer is infected with ransomware. A user usually has to pay one or two bitcoins, which are currently estimated at US$600 each.

South Korea's police said they have expanded probes into cybercrimes, including ransomware attacks, since May, but added they are facing hurdles as hackers are usually located overseas, including in Russia and Eastern Europe. The anonymity of bitcoins also makes it harder to track the attackers, they added.

"If we detect ransomware, we can, as the network operator, cut the communication routes to the origin. But once infected, there are no answers," an official from the Ministry of Science, ICT, and Future Planning said, adding that there is no choice but to be cautious all the time.

Some local ransomware firms claim they can retrieve lost data, but industry sources say they just pay the hackers with bitcoins and charge the victims a commission as well.

Industry watchers added that users should back up their data in multiple places such as portable hard drives or cloud computing programs.

But users should also not set files to be automatically uploaded to their cloud accounts, as the ransomware could be uploaded there as well and attack the backed-up data.

"If users update their Windows and anti-virus vaccines regularly, we can block the significant types of ransomware," an official from the science ministry said. "As ransomware is also a type of malicious code, we need to follow basic security principles, and back up data regularity."


Send Feedback
How can we improve?
Thanks for your feedback!