It sounds almost like science fiction, even in this cyber age: A thief hacks into your computer and encrypts your files, meaning, scrambles the information so you can’t make sense of any of it. He demands you pay him a big fat payment to “unlock” the encryption or to give you the “key,” which is contained on the thief’s remote server.
You are being held ransom. The FBI’s Internet Crime Complaint Center has sent out a warning to both the common Internet user and businesspeople about this ransomware, says an article on arstechnica.com.
And if you think this is one helluva dirty trick, it can be worse: The thief gets your payment, but you don’t get the cyber key.
The article says that the biggest ransomware threat is the CryptoWall. The FBI’s IC3 has received reports from 992 victims of this ransomware, but it’s estimated that there are many more victims who have not notified the IC3 (would you or your friends necessarily know to do this?) and instead just paid the ransom—or didn’t, resigning to never being able to access their files again.
In addition to the ransom cost, there are also the costs associated with cleaning up the mess, and the fallout especially hits businesses, because they suffer lost productivity and having to pay IT services.
The arstechnica.com article quotes Stu Sjouwerman, CEO of KnowBe4, a security training company: “CryptoWall 3.0 is the most advanced crypto-ransom malware at the moment.”
According to the IC3, there are $18 million in losses associated with CryptoWall, but remember, that’s only what has been reported. Many businesses do not notify the FBI of breaches: the ransom payment as well as the heavy cost of impaired productivity.
How does an individual or business avoid getting sucked into this trap? The FBI offers the following recommendations:
Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.
Comments are closed for this blog post