I recently read a story about computer pirates who take control of files stored on computers and ask for a ransom to release them. This type of extortion is not very different from the acts of pirates off the coast of Somalia who take control of international cargo ships and ask for a large ransom which have often been paid by businesses to release their cargo and employees, except for that internet pirates can take action from the comfort of their homes from anywhere in the world. In case you missed it, watch the movie called Captain Philips featuring Tom Hanks to see how these highly motivated extortionists take advantage of vulnerable people and businesses to make huge sums of money in a very short period of time.
Just like the owners of the cargo ships who pay millions of dollars in ransom fees, computer and data owners also have their own reasons for paying huge sums of money to get their files back or prevent them from being destroyed forever. Business computers contain very important files some of which may have cost a lot of money and effort to produce or personal computers may contain password files, old pictures, movie scripts, and other files that we can not afford to lose forever or to others. In addition, when businesses collect the personal information of their customers, they are legally responsible for protecting them. Losing personal data of customers to data hostage takers can have devastating consequences for businesses and their customers.
Some of the malicious computer programs developed and used by modern day computer pirates are designed to destroy files within certain number of hours unless the ransom is received by the internet pirates and the encryption code is deactivated. One such ransomware is called CryptoLocker which was used and discovered in 2013 to lock the files and make them unusable. The smart computer program which is received with fake emails appearing to have been sent by well known companies installs itself in the Documents and Settings folder, scans the hard drive for a variety of file types such as Microsoft Word or Adobe Photoshop documents and encrypts them. After file encryption, the code informs the user with a message that they have exactly 100 hours to pay the ransom to receive a key code to unlock the files or see them destroyed when time is up.
In the case of CryptoLocker, a computer security company determined at the time that unless the pirates release the decryption key code, there is nothing that can be done to recover the files. Of course this is just one example and more sophisticated ransomware are sure to follow because ransomware is a more valuable and convenient tool for making quick money than stealing from credit cards and bank accounts while maintaining full anonymity.
The only solutions to this computer ransom problem after the fact is to either apprehend the computer pirates and get the key by force, buy a software to decrypt the files without the key which does not seem to exist, or pay the ransom. In case you face a similar problem and decide to pay the ransom, please note that the data pirates only accept payments via Bitcoin or prepaid debit cards to escape apprehension.
Alternatively and most importantly, all computer users at home and workplace must be educated about the existence of fake emails and malicious attachments as well as how to detect, report and eliminate the threats of such damaging emails to prevent such incidents because as mentioned your options are pretty limited after the fact. Businesses will also benefit by having a computer hostage crisis policy to make quick decisions when facing clock ticking ransom crisis.
You might think that the computer pirates may be bluffing in some cases but how many of us are willing to gamble especially if the ransom amount is not excessive? Although many malware programs are fake, it was determined that the CryptoLocker ransomware was real and could make the files permanently unusable.
With the collaboration of FBI as well as UK and EU law enforcement agencies the criminals behind Cryptolocker were apprehended and their encryption keys were used to create a free service to release data hostages, however, crooks continue to build ransomware with stronger encryption and expanded capability to attack files stored on smartphones.
The best way to keep ransomware off your computers and data hostage takers at bay, it is a good practice to deploy anti-virus and keep the software updated. Being careful about what you click and install as well as backing up data on a separate hard drive or in the cloud could be a life saver from being held hostage for ransom by computer pirates.