When Technology is Taken Hostage

We expose more of ourselves on a daily basis than at any other time in history. Most people have some form of social media an enterprising sleuth could build a profile based off of just by pressing the “older posts” button. There’s been a lot of news about wiretaps lately, but something under most people’s radar are the Smart TV’s and toys that have been listening to their owner’s conversations.

While it’s scary enough to consider how many things in your home could be listening in on you this very moment, what’s even more concerning is how quickly you can lose control of these devices and extorted to get them back. And it’s not just individuals having their devices and data taken from them, it’s also hit schools, hospital and private businesses hard over the last year.

One of the most common forms of extortion today is the use of “ransomware” to lock people or companies out of their electronics and data. Ransomware is a term for a particular kind of hacking that’s been on the rise as internet reliance has increased. Victims of ransomware typically receive a message on their device’s display saying something to the effect of “pay us this money and we’ll give you back your data.”

In an interview with CNN, South Carolina public school administrator Charles Huck, highlighted the dilemma presented by ransomware when he said, “You get to the point of making the business decision: Do I make my end-users — in our case teachers and students — wait for weeks and weeks and weeks while we restore servers from backup? Or do we pay the ransom and get the data back online more quickly?”

If the targets of ransomware want their systems or data back then they don’t have much choice, but to pay the fee. The hackers have repeatedly targeted hospitals since their technology working is literally a case of life or death there is significant pressure on the hospitals to simply pay the ransom.

When Hollywood Presbyterian Medical Center had some of it’s communication devices taken over by hackers last year, the criminals demanded $17,000 to be paid in bitcoin. The hackers asked for that amount, because it’s low enough most places will pay under the impression it’s the quickest way to get it all over with.

“The malware locks systems by encrypting files and demanding ransom to obtain the decryption key. The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key,” Chief Executive Allen Stefanek said when the LA Times asked why they paid the hackers. “In the best interest of restoring normal operations, we did this.”

 

One of the scarier things about ransomware is this is only the beginning. The FBI reported ransomware to be a $1 billion industry in 2016. In a follow-up story CNN reported:

At that rate, ransomware is on pace to be a $1 billion a year crime this year. The FBI told CNN that the number “is quite high” because a few people “reported large losses.”

The agency also said that the losses could even be bigger once other related costs from these extortion schemes are factored in. Plus: Some victims may choose to pay and not report the crime.

Paul Roberts, founder and editor of a website called The Security Ledger told CNN, “The ransomware criminals understand this. Their business in some ways is a volume business so they don’t set their ransom so high that you can’t pay it. They set it at a level so they can get their money and move on to the next victim.”

This crime has even made its way into consumer electronics like smart phones and TVs. Last Christmas a photo of an LG TV stricken with ransomware went viral.

The hackers demand far less money to relinquish control of personal devices, but $500, especially if it’s on Christmas Day after you’ve spent money on gifts, is still a lot. In December, Slate reported:

“Ransomware works by taking over a system until a user pays a fee, often in the form of cryptocurrency or digital gift cards. One recent high-profile ransomware attack shut down much of San Francisco’s public transit system while another targeted a Hollywood hospital. More mundane ransomware has been reported on Android devices since at least 2014, and Frantic Locker first began to show up on phones in 2015.

Keep your systems operating systems up to date and don’t download files that aren’t from  trusted site to help avoid ransomware. If you do all these things and still end up under attack, contact your systems administrator or the manufacturer of your device. Take precaution, because ransomware isn’t going away anytime soon.

 

David Schroeder, Blog Writer, Lauth Investigations International