Highly publicized cyber attacks have recently drawn attention to the threat cyber crime poses to organizations across the country, including those in Illinois. One way that hackers are increasingly attacking businesses and other organizations is through the use of a specialized type of malware referred to as ransomware. Ransomware locks up computers or encrypts the contents of every file stored on a targeted computer. Computer users then must pay to regain access to their files or secure the decryption key. Hackers may demand “ransoms” of hundreds or even thousands of dollars.
During the last year, attacks made with a ransomware virus called Cryptoware have been reported in various parts of the country. In Tennessee, Cryptoware hackers targeted a sheriff’s office and extorted a ransom. The city of Detroit also experienced a Cryptoware attack. Recently, hackers used Cryptoware to attack the Midlothian Police Department here in Illinois. The malware was downloaded when someone at the department opened an email containing the virus. The virus disabled the employee’s computer and produced a message demanding money in exchange for a code to restore system access. The department ultimately had to pay the hackers with bitcoins to regain access to the computer.
Attacks like these are reportedly becoming more common. The President of the Illinois Association of Chiefs of Police notes that ransomware attacks against government or law enforcement agencies has become more prevalent over the last two years. Other organizations, such as businesses, educational institutions and financial organizations, may also be vulnerable to ransomware attacks. These attacks may disrupt business operations, cause reputational damage and result in the loss of sensitive information.
Ransomware is known to infect computers and other electronic devices, such as smart phones, by a few different mechanisms. The malware can be downloaded when a person opens an email attachment containing a virus. People may also inadvertently expose their computers to ransomware by following links or pop-up windows to compromised websites. This second type of attack, which authorities call a “drive-by” attack, is becoming more common. Once the ransomware has been downloaded, hackers may demand untraceable payments in various forms, from prepaid cards to bitcoins.
Simple precautions may help businesses and other organizations mitigate the risk of ransomware attacks. It is advisable for computer users to choose passwords carefully and use only current antivirus software. People should also employ caution when downloading attachments or visiting new websites. Additionally, individuals and organizations can consider storing back-up copies of all of their files offline. This last measure won’t reduce the risk of an attack, but it ensures that essential information is not lost if one occurs.