Swiss Ransomware Awareness Day

Ransomware (also known as "ransom Trojans" or "extortion Trojans") is a specific group of malware that is typically spread via harmful email attachments or hacked websites. Once infected, the ransomware encrypts files on the victim's computer and on any network drives (network shares) and storage media (e.g. USB sticks) connected to it. This renders the encrypted files unusable for the victim. If the files on the computer have been encrypted by the ransomware, it will display a "locked screen" to the victim. The message on the screen instructs the victim to pay the attackers a sum of money in a digital currency (e.g. bitcoins) so that they will release the encrypted files again and the victim can use them again (extortion). Using a digital currency such as bitcoins makes it more difficult to trace the perpetrators. However, meeting the attackers' demands and making the requested payment provides no guarantee that the victim will regain access to the encrypted files. Furthermore, a payment finances the attackers' business model, thus enabling them to continue the ransomware attacks and infect and cause damage to other victims.

Ransomware is not a new phenomenon: the first ransomware that locked a victim's computer in return for a ransom appeared in Switzerland as early as 2011. In recent months, however, there has been a huge increase in the number of ransomware victims in Switzerland. It is not just private users that have recently been targeted by ransomware attacks, but increasingly small and medium-sized enterprises (SMEs). While a ransomware attack on private users means they can no longer access their personal data, the effects of such an attack on companies is generally much more serious. Business-critical data such as contracts or client and accounting data are often encrypted and thus rendered unusable. This can quickly result in an emergency situation for the company, which unfortunately often causes it to pay the ransom in order to regain access to its data. 

There is another way. Private users and SMEs can protect themselves from ransomware with the following three measures: 

The risk of a ransomware infection can be minimised by consistently implementing these measures. You can find more detailed information on ransomware and how you can protect yourself from it on the following website of the Reporting and Analysis Centre for Information Assurance MELANI:
https://www.melani.admin.ch/against-ransomware

Rules of conduct when handling computers and the internet as well as additional measures for greater IT security in SMEs can be found at the following links:

Rules of conduct:
https://www.melani.admin.ch/rules-of-conduct

Factsheet on IT security for SMEs:
https://www.melani.admin.ch/it-sicherheit-fuer-kmus (not available in English)

Ten-point programme for greater IT security:
https://www.kmu.admin.ch/kmu/de/home/praktisches-wissen/kmu-betreiben/infrastruktur-und-it/fachgerechte-it-infrastruktur/it-sicherheit.html (not available in English)

Stop.Think.Connect:
https://www.stopthinkconnect.ch/ 

Ransomware Awareness Day partners:
* Reporting and Analysis Centre for Information Assurance (MELANI)
* Cybercrime Coordination Unit Switzerland (CYCO)
* State Secretariat for Economic Affairs (SECO)
* Swiss Internet Security Alliance (SISA)
* SWITCH
* CERN
* Swisscom
* UPC Cablecom
* Sunrise
* Hostpoint
* economiesuisse
* Swiss SME Association (SKV)
* Foundation for Consumer Protection (SKS)
* Swiss Agency for Crime Prevention (SKP)
* eBanking – but secure! (EBAS)
* PostFinance
* Zurich Cantonal Police (KAPO ZH)
* Police Cantonale Vaudoise
* Lucerne University of Applied Sciences and Arts (HSLU)
* University of Applied Sciences and Arts of Southern Switzerland (SUPSI)
* Associazione consumatori e consumatrici della Svizzera italiana (ACSI)
* Microsoft Switzerland
* Symantec Switzerland
* TrendMicro Switzerland
* Internet Society Switzerland Chapter (ISOC)