A few weeks ago a client contacted me to let me know that his company’s computer system had been hacked, encrypted and held for ransom. Apparently, a staff member who customarily opens and responds to incoming emails from potential customers and vendors clicked on one such innocent looking email. That was all it took to open the door to the hacker. My client had no choice but to pay a “ransom” in untraceable bitcoin in order to get the encryption key to regain access to its data.
“Ransomware” is the term generally used to describe malicious software that allows a hacker to gain access to an individual computer or company-wide system. Once in, the hacker installs software that encrypts the data on the system and then demands payment to provide the decryption key. To see just how prevalent these attacks are becoming, all you need to do is a key word search for “ransomware.” The list of current postings (“current” being defined as having been posted within the past few minutes, hours and days) is both staggering and growing.
A recent article advises that the FBI’s Internet Crime Complaint Center (IC3) received reports of 2,453 ransomware incidents in 2015, with victims paying over $24 million in ransom. Knowing that not all incidents are reported, these figures are believed to be conservative. One report estimates that ransomware is spreading at the rate of 100,000 infected computers per day.
Ransomware is a global problem that affects PC and Mac users alike, as well as servers. Many of the hackers are located off-shore, primarily in Eastern Europe. And, as my client will attest, the attacks are happening all around us; no one is immune.
So, how do you protect yourself and your company? If you do the research you’ll find that the list of tips and advice you can find online is virtually endless. Or, you can do what we did when we first found out about this: talk to your IT provider. By doing so you will be able to stay informed of current developments, the ever-changing nature of the attacks, countermeasures, and defensive software, when and as it is developed.
According to the FBI, these attacks are growing because people are paying. Fortunately, my client was able to regain access to its systems for a few hundred dollars. Whether or not to pay the demanded ransom is, more often than not, a business decision. Just this past February, Hollywood Presbyterian Medical Center in Los Angeles, California paid just under $17,000 (or, 40 bitcoins) to hackers in order to regain access to its data.
For more information, and/or to report a cybercrime, please visit the FBI’s Internet Crime Complaint Center.