Extortion Surge in Edmonton: Arson and Monetary Demands Prompt Police Investigation
Police in Edmonton have formed a special investigative team to look into a string of arson events and financial demands related to a troubling extortion trend that is hitting the South Asian community. Since October, some eighteen incidents have been documented, which has led to increased law enforcement monitoring.
Reports of victims receiving texts and calls on WhatsApp requesting large amounts of money have been made; these messages frequently include information about personal details including family members, cars, and daily schedules. Arson attacks and property destruction have resulted from refusing to comply with extortion demands; these have primarily targeted newly constructed residences, show homes, and connected properties.
Between November 1 and January 2, nine fires involving newly constructed or newly owned properties were reported to Edmonton Fire Rescue Services; all but one of these incidents were found to be arson-related. The central King Edward Park neighborhood, the university area, and emerging suburbs such as Aster, Laurel, Woodhaven Edgemont, and Cy Becker were the main areas damaged by the fires, which also destroyed 14 homes and one garage.
There have been reports of similar extortion attempts in British Columbia and Ontario, among other places of Canada. Similar crimes targeting the South Asian business community have prompted investigations by Surrey, British Columbia’s RCMP and Peel Regional Police near Toronto.
According to Edmonton police, there has been a “escalation of violence” in certain situations, where further demands have resulted in drive-by shootings. The seriousness of the situation is highlighted by the fact that arrests related to violent occurrences have been made even though no injuries have been reported in these cases.
The police are urging anyone who has been threatened or knows anything about these occurrences to come forward and help with the ongoing investigations.
What is ransomware?
Malicious software known as “ransomware” takes over a victim’s data or device and demands a ransom to unlock it. Early ransomware attacks mostly involved a demand for money in order to obtain the decryption key required to unlock the compromised data or infected equipment. Nevertheless, the situation has changed recently with the rise of triple- and double-extortion attacks, which make the threat more serious.
In cases of double-extortion, attackers threaten to steal and post the victim’s data online in addition to locking it. Triple-extortion assaults pose an even greater hazard because they can use the stolen data to launch attacks against the victim’s clients or business associates. This development in ransomware strategies adds another level of danger and complexity to an already dangerous environment.
According to the IBM Security X-Force Threat Intelligence Index for 2023, 17% of all cyberattacks in 2022 were ransomware assaults. This data emphasizes how ransomware is becoming a more significant menace in the world of cyberattacks. The cybersecurity landscape has to change and strengthen defenses to lessen the threats posed by these increasingly complex attacks as ransomware perpetrators’ tactics continue to advance.
How does ransomware infect a device?
There are several ways that ransomware can infiltrate a system, but the most common one is via phishing emails that contain malicious links or attachments. This common strategy depends on deceiving consumers into engaging with malicious material, which eventually allows the ransomware to infiltrate. Another way is by drive-by downloads, in which people browse hacked websites and inadvertently download malware, which is installed covertly and without their knowledge. When a user interacts with a malicious executable file, hackers can use these files as carriers to activate ransomware.
In addition, taking advantage of weak web servers is another way to get into a company’s network itself. In these situations, hackers take advantage of holes in web server security protocols and use them as ports of entry to compromise networks within organizations. This diverse strategy highlights the versatility and tenacity of ransomware perpetrators, highlighting the need for extensive cybersecurity protocols to combat their several methods of entry.
What are some signs that my device has been infected with ransomware?
There are a number of ways that your device could be infected with ransomware.
Quick Encryption of Files:
A clear indication of a ransomware assault is when files suddenly get encrypted. The spyware quickly searches and encrypts files, making them unreadable after the process is finished.
Prompt for Ransom Notes:
One of the most reliable signs of a ransomware outbreak is receiving a message requesting money in order to unlock a file. These signals, which indicate an urgent need for action to stop additional harm, may show up as text documents or pop-up notifications.
Strange Activity on a Network:
Through the network, ransomware may communicate with command-and-control servers. Intrusion detection and prevention systems enable the monitoring of network traffic for anomalies, which aids in the identification of suspicious activity such as connections to unknown IP addresses or notable spikes in data usage. It is essential to update software often in order to fix vulnerabilities that hackers exploit.
Reduced System Efficiency:
The resource-intensive actions of ransomware might cause a noticeable decrease in the speed of your machine.
Software Disruption in Security:
Ransomware frequently uses the ability to disable or compromise antivirus and security software as a means of avoiding detection. An inquiry should be conducted right away if security software malfunctions or is disabled.
Modified File Extensions:
File extensions may be altered by ransomware, making them unusable. For example, a file that was originally named.docx might later be renamed to.locky.
Files missing or altered:
Files could be changed or erased by ransomware without your awareness. An indication of a possible ransomware attack is the discovery of missing or changed files.
Locking Screen Pop-Ups:
When a pop-up window locks your screen and requests money to unlock it, it is highly suggestive of a ransomware attack.
If you detect a ransomware infection, you must act quickly to stop the damage from getting worse. As soon as possible, disconnect your device from the internet and contact a cybersecurity expert for support.
What is the best way to back up my files in case of a ransomware attack?
Having a solid backup plan is essential to protecting your data from ransomware attacks. The following guidelines should be followed to secure your files:
The encryption process:
Use a backup system with strong encryption to protect critical information. Information is converted into an unintelligible code through encryption, preventing unwanted access. Industry-standard encryption techniques should be used by the selected backup solution to encrypt data both while it is being transmitted over networks (“in transit”) and while it is being kept on a device (“at rest”).
Select an object locking-compatible backup solution, also referred to as immutable or Write-Once-Read-Many (WORM) storage. Object locking marks items as locked for a predetermined amount of time, preventing unauthorized users from deleting or changing them. Backups stay safe and unchangeable during this immutable retention term, even in the event that credentials are hacked.
Adopt an air-gapped backup strategy, in which backup data is kept offline and physically isolated from the location where it was generated, whether that be at the edge or in the production environment. The backup is protected from internet risks, such as ransomware assaults, by this isolation.
Several Backups :
Increase resilience by using several kinds of backups. Use incremental backups to ensure that affected data can be recovered in the case of an attack and prevent data loss. Make use of overwriting-resistant storage techniques to ensure that a consistently retrievable duplicate of the impacted data is kept.
Maintain current data by doing frequent backups, which will reduce possible losses in the event of an attack. Regular backup procedures help build a strong defensive plan and minimize data loss in the case of a ransomware attack.
By putting these best practices into effect, you strengthen your defenses against ransomware attacks and provide a thorough and safe backup plan for important data protection.
How can I protect myself from a ransomware attack?
Follow these recommendations to strengthen your security against a potential ransomware attack:
Frequent backups of data:
Make regular backups of your data to an external disk or make use of cloud storage options. This preventive step guarantees that your data can be recovered in the event that ransomware encrypts it.
Applying the most recent security updates can help you keep your operating system and all installed apps up to date. Regular updates improve the overall security posture of your device by preventing attackers from taking advantage of known vulnerabilities.
Using Antivirus Software:
Use reliable antivirus software, making sure to install it, update it frequently, and set up automated checks for your device. This proactive strategy helps find and eliminate malware, including ransomware.
Email Attachment Take Care:
Use caution when opening attachments from emails; don’t open files from senders you don’t know or suspect. Since email attachments are a common way for ransomware to enter systems, it is crucial to be cautious and confirm the legitimacy of attachments before opening them.
Strong Password Procedures:
Make sure all of your accounts have strong, one-of-a-kind passwords to increase security. When it’s possible, turn on two-factor authentication to protect your accounts from unauthorized access attempts.
Keep yourself updated about the most recent ransomware attacks by learning how to recognize and prevent them. Be wary of unsolicited emails, pop-ups, and messages that request software downloads or the surrender of personal information.
By implementing these recommended actions into your daily routine, you strengthen your defenses against ransomware attacks and promote a safe online environment.
What is the average amount of money demanded in a ransomware attack?
ZDNet reported that the average ransom requested for a decryption key during a ransomware assault has increased to $2.2 million, which is a significant rise over the $900,000 average sought in 2020. It is important to note that the ransom amount may vary significantly depending on a number of factors, including the particular target and the type of ransomware used. The increasing trend in ransom demands highlights how profitable and dynamic ransomware operations are, calling for increased awareness and strong cybersecurity protocols in a number of industries.
How do I remove ransomware from my device?
It’s critical to act quickly to stop additional damage if your device is suspected of having a ransomware infestation. Use these actions to get rid of ransomware:
1. Turn off your Internet connection:
Cut off your device’s internet connection as a precaution. By doing this, the ransomware is prevented from contacting its command-and-control servers, which hinders any possibility of additional compromise or data exfiltration.
2. Make Use of Security Programs:
To find and remove malware from your device, install and run a reliable antivirus program. Make sure the antivirus program is updated frequently and set up to perform routine scans to improve continuous protection.
3. Make Use of Tools to Remove Ransomware:
Examine the various ransomware eradication programs that are available online; many of them are free. Avast, Malwarebytes, and Kaspersky are well-known choices. Using these kinds of technologies can help ensure that ransomware is completely removed from your device.
4. Backup Restore:
If you have a backup of your data, start the restoration procedure once the ransomware has been removed from your computer. This guarantees that your files will be recovered to their pre-infection state.
5. Look for Expert Help:
If you need help recovering your data or are having trouble getting rid of the ransomware, you might think about getting help from a cybersecurity specialist. Their specific expertise can handle challenging circumstances and increase the chance of a successful recovery.
You can increase your chances of successfully eliminating ransomware and lessening its impact on your computer and data by carefully following these procedures.