The Australian Cyber Security Centre has reiterated its advice to Australians regarding ransomware infections.
The Australian Cyber Security Centre has reiterated its advice to Australians regarding ransomware infections, saying that it strongly advised people not to pay any ransom.
The ACSC was responding to queries from iTWire about a Sydney-based company, Fast Data Recovery, that is offering to decrypt files which have been encrypted by the Dharma ransomware, something which nobody else has been able to do given the strength of encryption used.
“There’s no guarantee paying will restore files, and paying a ransom could make victims vulnerable to further attacks,” an ACSC spokesperson said in a statement.
“We advise Australian individuals and businesses affected by ransomware to log a cyber crime report via ReportCyber.”
Ransomware, which mostly affects computers running Windows, has become something of a scourge among businesses, with frequent attacks targeting them and rendering them unable to operate for lengthy periods. The case of Fast Data Recovery was brought to the attention of iTWire by Brett Callow, a researcher with security company Emsisoft.
Callow sent the company a file encrypted by Dharma and made it clear that he did not wish to pay the ransom. “The company claimed it would be able to ‘reverse engineer the ransomware decryption key’ for a fee of US$6879/A$9650,” he said.
“Unless you have access to a quantum computer more advanced than any machine known to have been built, it’s simply not possible to ‘reverse engineer the ransomware decryption key’.
“Dharma uses perfectly implemented RSA-1024 and the key needed to decrypt a victim’s files can only be created by the criminal or someone with access to the criminal’s private key.”