Facing virus, these police did exactly what you're not supposed to do
Law enforcement authorities typically advise against paying ransoms to criminals. That is, unless the targets of the extortion plot are the police themselves.
The local police department in Swansea, Mass., reportedly paid two Bitcoins (approximately $750 at the time of the transaction) to hackers after having its computer system compromised by the CryptoLocker virus.
‟It was an education for those of us who had to deal with it,” Swansea Police Lt. Gregory Ryan told the Fall River Herald News.
Ryan said, despite the security breach, no personal information of citizens was directly accessed or viewed by anyone outside the department. “The virus is not here anymore,” Ryan added. “We’ve upgraded our antivirus software. We’re going to try to tighten the belt, and have experts come in, but as all computer experts say, there is no foolproof way to lock your system down.”
After infecting a computer system, typically through a user downloading an attachment containing the malware program, CryptoLocker encrypts the host’s files and then demands payment within a limited time frame, usually 72 hours, or else the key to restore the files to their original state will be shredded forever.
Payment for CryptoLocker is typically accepted in the form of the digital currency Bitcoin. Being paid in bitcoins, which doesn’t require an intermediate financial institution in the parties' transaction, allows the hackers to accept payment while remaining anonymous.
In a statement in eSecurityPlanet, Tripwire security researcher Ken Westin slammed Swansea police for setting a bad example. ‟Essentially the police in Swansea, Massachusetts have negotiated with terrorists,” charged Westin. ‟I’ve done a lot of work with law enforcement agency security and, unfortunately, police departments tend to be among the worst at cyber security. Law enforcement is one of the most insecure areas of local governments because there is a lack of training in new technology and it is difficult to get them to adopt new processes."
Anti-malware firm Bitdefender told Networkworld that CryptoLocker claimed some 10,000 victims between Oct. 27 and Nov. 1 alone. The majority of the infected computers have been in English-speaking countries like the United States, the United Kingdom, and Australia.
Cybersecurity experts at places like Naked Security and the U.K.’s National Crime Agency have advised against paying the yet to be identified hackers behind the CryptoLocker virus. The fear is that each successful instance of data extortion will only embolden the criminals to continue their campaign against the world’s computer systems. Of course, this stoic stance is easier said than done when the files in question aren’t backed up in a separate location and shelling out for an external IT firm to restore them would likely end up being far more expensive than simply paying the ransom.
As CryptoLocker infects more and more computer systems, the hackers behind it have become increasingly business-savvy. They’ve now added a late payment option for victims who don’t pay up within the initially allotted time frame. There is one catch: the price skyrockets from two bitcoins up to 10. Considering how Bitcoin has wildly shot up in value recently, jumping from about $200 to over $600 in just 30 days, late payment is an extremely expensive proposition.
Photo by Don Hankins/Flickr