The cyber kidnappers after your data

The message Ken Main received on his company computer demanding a ransom for the release of his data.Image copyright
Ken Main

Image caption

The message Ken Main received on his company computer demanding a ransom for the release of his data.

Something wasn’t right about the phone screen. It had gone dark. That’s when Nick Harvey examined it more closely. It looked odd. And it was then that he saw the message.

His smart phone had, in effect, been hijacked and he was being asked to pay a ransom.

“My device had been locked”, he told BBC Radio 4’s PM Programme.

He was being instructed “to send some money via a voucher code to get the phone unlocked”.

Ken Main knows how Nick felt. It happened to him with the computers at his hairdressing salon in Glasgow.

“It was a pale blue screen with the message right in the middle,” he explained. “If we wanted the information back we would have to pay a ransom.”

Cash call

They had both become victims of what is known as ransomware – a type of computer virus which unlocks the users out of their computers or phones and demands money for the return of the files.

Media captionAmerican police paid a ransom to hackers who encrypted the department’s data.

“It’s like somebody breaking into your house”, Ken said.” It was a message which kind of created the same sort of emotional fear and then you start thinking ‘God, what happens if I can’t get this information back?'”

You are probably now trying to guess how much Ken and Nick were being asked to pay. It is possibly quite a lot lower than you would think.

“They asked me for $50 or €50” Nick recalled.

For Ken it was slightly more.

“They were looking for a ransom of $350 initially,” he said. “When we contacted them by email, they put that up to €1000.”

The demands are set at what is regarded as a payable level, according to Jornt van der Wiel from the security software company, Kaspersky Lab.

Image copyright

Image caption

Ken Main’s hairdressing business.

They tend to be for “the amount of money that people are still willing to pay in order to get their files back.”

He explained, for a small business, “Sometimes it’s cheaper for the company just to pay the ransom than to put back the backup because that in the end costs more”.

Police files

Nick Harvey did not have to part with any money. He managed to get his phone working again although he did lose some data. Ken, however, felt he had no choice but to pay up.

“I said, ‘Well I need that bloody information back. I’ve got a business to run here.’ I think any businessman in my position would say ‘Yes! Let’s do it’, because I’ve got no other way of getting information to rebuild that database.”

According to Mr van der Wiel, ransomware can enter your computer via malicious email attachments. His advice is not to open any file which you are suspicious about. He says there can also be a problem if the latest “security patches” on your internet browser have not been installed.

Media captionWhat is ransomware?

Such are the difficulties that a ransomware attack can create; even those responsible for enforcing the law have given into the criminals.

When the systems at the police department in Tewksbury, Massachusetts, were affected, computer experts tried everything but to no avail.

“We couldn’t restore it from an external back-up” Chief Timothy Sheehan said “because that was also corrupted and the taped back-up we had was at least 18 months old. We realised we were in a perfect storm. We were in a very bad situation.”

The police department paid the ransom via a third party.

“Ultimately we decided that in our particular situation we should take the shot of paying the 500 dollars in bitcoin and see if we got the decryption key returned to us and we could return all of the data that was encrypted back to its normal status.”

Image copyright

Image caption

Many ransomware gangs demand payment in bitcoins

Chief Sheehan conceded that it meant paying money to criminals and he now wants to highlight the threat ransomware poses.

Data loss

According to Raj Samani, Intel Security’s chief technology officer in Europe, the Middle East and Africa, those behind ransomware are making hundreds of millions of dollars. He said there has been “enormous growth in ransomware certainly over the last 12 months”.

He believes people in the UK are particularly vulnerable. There are many different types of ransomware viruses but according to Mr Samani “in almost every single type we look at, the UK is either second or third on that list, so I would argue that the UK is targeted disproportionately with regards to the number of internet users that we have.”

Security experts have found ways of unlocking some forms of ransomware but those behind the cyber criminals are developing more sophisticated viruses too.

Back in the hairdressers in Glasgow, Ken Main has no regrets about paying the ransom. However, it didn’t solve all his problems. Do not think paying up means all will end well.

“I would say 80 to 90% of the information was corrupted” he said. “In terms of hard cash income I would say we were probably down by about £20,000.”

comments powered by Disqus